CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
98.7%
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges or execute arbitrary code.
Below is a complete list of vulnerabilities
CVE-2015-6091 critical
CVE-2015-6092 critical
CVE-2015-6093 critical
CVE-2015-6094 critical
CVE-2015-6038 critical
CVE-2015-2503 critical
CVE-2015-6123 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.
support.microsoft.com/kb/2596614
support.microsoft.com/kb/2596770
support.microsoft.com/kb/2687406
support.microsoft.com/kb/2817478
support.microsoft.com/kb/2878230
support.microsoft.com/kb/2880506
support.microsoft.com/kb/2889915
support.microsoft.com/kb/2899473
support.microsoft.com/kb/2899516
support.microsoft.com/kb/2910978
support.microsoft.com/kb/2920680
support.microsoft.com/kb/2920698
support.microsoft.com/kb/2920726
support.microsoft.com/kb/2965313
support.microsoft.com/kb/3054793
support.microsoft.com/kb/3054978
support.microsoft.com/kb/3085477
support.microsoft.com/kb/3085511
support.microsoft.com/kb/3085548
support.microsoft.com/kb/3085551
support.microsoft.com/kb/3085552
support.microsoft.com/kb/3085561
support.microsoft.com/kb/3085584
support.microsoft.com/kb/3085594
support.microsoft.com/kb/3085614
support.microsoft.com/kb/3085634
support.microsoft.com/kb/3101359
support.microsoft.com/kb/3101360
support.microsoft.com/kb/3101364
support.microsoft.com/kb/3101365
support.microsoft.com/kb/3101367
support.microsoft.com/kb/3101370
support.microsoft.com/kb/3101371
support.microsoft.com/kb/3101496
support.microsoft.com/kb/3101499
support.microsoft.com/kb/3101506
support.microsoft.com/kb/3101507
support.microsoft.com/kb/3101509
support.microsoft.com/kb/3101510
support.microsoft.com/kb/3101512
support.microsoft.com/kb/3101513
support.microsoft.com/kb/3101514
support.microsoft.com/kb/3101521
support.microsoft.com/kb/3101525
support.microsoft.com/kb/3101526
support.microsoft.com/kb/3101529
support.microsoft.com/kb/3101533
support.microsoft.com/kb/3101543
support.microsoft.com/kb/3101544
support.microsoft.com/kb/3101553
support.microsoft.com/kb/3101554
support.microsoft.com/kb/3101555
support.microsoft.com/kb/3101558
support.microsoft.com/kb/3101559
support.microsoft.com/kb/3101560
support.microsoft.com/kb/3101564
support.microsoft.com/kb/3102924
support.microsoft.com/kb/3102925
support.microsoft.com/kb/3104540
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2503
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6038
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6091
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6092
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6093
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6094
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6123
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Office/