CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.3%
Use-after-free, XSS and aother unspecified vulnerabilities were found in Microsoft products. By exploiting these vulnerabilities malicious users can execute or inject arbitrary code. These vulnerabilities can be exploited remotely via a specially designed Office document.
CVE-2015-0204 warning
CVE-2015-0484 high
CVE-2015-0492 critical
CVE-2015-0469 critical
CVE-2015-0478 warning
CVE-2015-0480 high
CVE-2015-0477 warning
CVE-2015-0458 critical
CVE-2015-0459 critical
CVE-2015-0470 warning
CVE-2015-0488 critical
CVE-2015-0486 critical
CVE-2015-0491 critical
CVE-2015-0460 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Loss of integrity. Exploitation of vulnerabilities with this impact can lead to partial system fault or system components connection disruption.
support.microsoft.com/kb/2553164
support.microsoft.com/kb/2553428
support.microsoft.com/kb/2965210
support.microsoft.com/kb/2965215
support.microsoft.com/kb/2965224
support.microsoft.com/kb/2965236
support.microsoft.com/kb/2965238
support.microsoft.com/kb/2965284
support.microsoft.com/kb/2965289
support.microsoft.com/kb/2965306
support.microsoft.com/kb/3051737
support.microsoft.com/kb/3055707
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0204
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0458
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0459
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0460
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0469
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0470
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0477
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0478
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0480
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0484
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0486
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0488
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0491
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0492
statistics.securelist.com/
technet.microsoft.com/en-us/library/security/ms15-033
threats.kaspersky.com/en/product/Microsoft-Office/