Microsoft Office CVE-2015-1641 Memory Corruption Vulnerability



Microsoft Office is prone to a remote memory-corruption vulnerability.

An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.

Information

Bugtraq ID: 73995
Class: Unknown
CVE: CVE-2015-1641

Remote: Yes
Local: No
Published: Apr 14 2015 12:00AM
Updated: Jul 13 2017 05:06PM
Credit: Microsoft
Vulnerable: Microsoft Word for Mac 2011 0
Microsoft Word Automation Services on Microsoft SharePoint Server 2013 Service Pack 1
Microsoft Word Automation Services on Microsoft SharePoint Server 2010 SP2 0
Microsoft Word 2013 Service Pack 1 (64-bit editions)
Microsoft Word 2013 Service Pack 1 (32-bit editions)
Microsoft Word 2013 RT Service Pack 1 0
Microsoft Word 2010 Service Pack 2 (64-bit editions) 0
Microsoft Word 2010 Service Pack 2 (32-bit editions) 0
Microsoft Word 2007 SP3
Microsoft Office Web Apps Server 2013 SP1
Microsoft Office Web Apps Server 2010 Service Pack 2
Microsoft Office Compatibility Pack SP3
Microsoft Office 2010 (64-bit edition) SP2
Microsoft Office 2010 (32-bit edition) SP2


Not Vulnerable:

Exploit


This vulnerability is being exploited as part of multiple cyber espionage and cybercrime campaigns identified in Symantec MATI reports SYMC - 300377, SYMC - 300451, SYMC - 300503, SYMC - 300514, SYMC - 300611, and SYMC - 300615.


Related Posts