All the vulnerabilites related to microsoft - word_web_apps_server
cve-2015-2468
Vulnerability from cvelistv5
Published
2015-08-15 00:00
Modified
2024-08-06 05:17
Severity ?
Summary
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081vendor-advisory, x_refsource_MS
https://www.exploit-db.com/exploits/37912/exploit, x_refsource_EXPLOIT-DB
http://www.securitytracker.com/id/1033239vdb-entry, x_refsource_SECTRACK
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:17:26.518Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MS15-081",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081"
          },
          {
            "name": "37912",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/37912/"
          },
          {
            "name": "1033239",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033239"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-08-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "MS15-081",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081"
        },
        {
          "name": "37912",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/37912/"
        },
        {
          "name": "1033239",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1033239"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2015-2468",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MS15-081",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081"
            },
            {
              "name": "37912",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/37912/"
            },
            {
              "name": "1033239",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1033239"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2015-2468",
    "datePublished": "2015-08-15T00:00:00",
    "dateReserved": "2015-03-19T00:00:00",
    "dateUpdated": "2024-08-06T05:17:26.518Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2015-08-15 00:59
Modified
2024-11-21 02:27
Severity ?
Summary
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
References
secure@microsoft.comhttp://www.securitytracker.com/id/1033239
secure@microsoft.comhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081
secure@microsoft.comhttps://www.exploit-db.com/exploits/37912/
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1033239
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/37912/
Impacted products
Vendor Product Version
microsoft office 2010
microsoft office 2011
microsoft office 2016
microsoft office_compatibility_pack *
microsoft sharepoint_server 2010
microsoft sharepoint_server 2013
microsoft word 2007
microsoft word 2010
microsoft word 2013
microsoft word 2013
microsoft word_viewer *
microsoft word_web_apps 2010
microsoft word_web_apps_server 2013


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "081DE1E3-4622-4C32-8B9C-9AEC1CD20638",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2011:*:*:*:*:mac:*:*",
              "matchCriteriaId": "AA77823A-1112-49BE-A140-790E8816DAEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:mac:*:*",
              "matchCriteriaId": "AE116A39-963D-43E2-A21B-782271C4F63C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "44BC7B7B-7191-431C-8CAE-83B3F0EFF03E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "9A57C675-05A9-4BC2-AE95-7CA5CA6B1F73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "16F33176-442C-4EFF-8EA0-C640D203B939",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "7D006508-BFB0-4F21-A361-3DA644F51D8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "24EEDAD9-9656-4B21-82E4-D60B83777492",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "32E1400A-836A-4E48-B2CD-2B0A9A8241BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:rt:*:*:*",
              "matchCriteriaId": "45E21528-4B0F-4A6F-82AD-DF7FDBF67C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D79B6572-E7DF-4CC2-B70B-9B31BE1B6A81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_web_apps:2010:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "4D7388C5-E104-436A-8772-57BEB82856DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:word_web_apps_server:2013:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "72A58760-C948-4CAC-A100-90AF1A047B71",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Memory Corruption Vulnerability.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad en Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office para Mac 2011, Office para Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services en SharePoint Server 2010 SP2 y 2013 SP1, Word Web Apps 2010 SP2 y Office Web Apps Server 2013 SP1, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento manipulado, tambi\u00e9n conocida como \u0027Microsoft Office Memory Corruption Vulnerability.\u0027"
    }
  ],
  "id": "CVE-2015-2468",
  "lastModified": "2024-11-21T02:27:26.910",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2015-08-15T00:59:27.717",
  "references": [
    {
      "source": "secure@microsoft.com",
      "url": "http://www.securitytracker.com/id/1033239"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081"
    },
    {
      "source": "secure@microsoft.com",
      "url": "https://www.exploit-db.com/exploits/37912/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1033239"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/37912/"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}