9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
10 High
AI Score
Confidence
High
0.772 High
EPSS
Percentile
98.2%
Multiple serious vulnerabilities have been found in Microsoft office. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges or execute arbitrary code.
Below is a complete list of vulnerabilities
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2015-2377 critical
CVE-2015-2376 critical
CVE-2015-2375 warning
CVE-2015-2379 critical
CVE-2015-2378 high
CVE-2015-2380 critical
CVE-2015-2424 critical
CVE-2015-2415 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/2837612
support.microsoft.com/kb/2965208
support.microsoft.com/kb/2965209
support.microsoft.com/kb/2965281
support.microsoft.com/kb/2965283
support.microsoft.com/kb/3054861
support.microsoft.com/kb/3054949
support.microsoft.com/kb/3054958
support.microsoft.com/kb/3054963
support.microsoft.com/kb/3054968
support.microsoft.com/kb/3054971
support.microsoft.com/kb/3054973
support.microsoft.com/kb/3054981
support.microsoft.com/kb/3054990
support.microsoft.com/kb/3054996
support.microsoft.com/kb/3054999
support.microsoft.com/kb/3072620
support.microsoft.com/kb/3073865
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2375
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2376
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2377
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2378
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2379
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2380
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2415
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2424
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Office/
threats.kaspersky.com/en/product/Microsoft-Sharepoint-Server/