CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
99.4%
An unspecified vulnerabilities were found in Microsoft Office. By exploiting these vulnerabilities malicious users can cause denial of service or execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed Office document.
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2015-0064 critical
CVE-2015-0063 critical
CVE-2015-0065 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/2920753
support.microsoft.com/kb/2920788
support.microsoft.com/kb/2920791
support.microsoft.com/kb/2920810
support.microsoft.com/kb/2956058
support.microsoft.com/kb/2956066
support.microsoft.com/kb/2956070
support.microsoft.com/kb/2956073
support.microsoft.com/kb/2956081
support.microsoft.com/kb/2956092
support.microsoft.com/kb/2956097
support.microsoft.com/kb/2956098
support.microsoft.com/kb/2956099
support.microsoft.com/kb/3032328
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0063
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0064
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-0065
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Office/