Lucene search

K

[email protected]NVD:CVE-2015-2375

HistoryJul 14, 2015 - 9:59 p.m.

CVE-2015-2375

2015-07-1421:59:10

CWE-200

[email protected]

web.nvd.nist.gov

1

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.529 Medium

EPSS

Percentile

97.6%

Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to bypass the ASLR protection mechanism via a crafted spreadsheet, aka “Microsoft Excel ASLR Bypass Vulnerability.”

Affected configurations

NVD

Node

microsoftexcelMatch2010sp2x64

OR

microsoftexcelMatch2010sp2x86

OR

microsoftexcelMatch2013sp1

OR

microsoftexcelMatch2013sp1rt

Node

microsoftsharepoint_serverMatch2010sp2

OR

microsoftsharepoint_serverMatch2013sp1

Node

microsoftexcel_viewerMatch2007sp3

References

www.securitytracker.com/id/1032899

docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

0.529 Medium

EPSS

Percentile

97.6%

Related for NVD:CVE-2015-2375

cve1 checkpoint_advisories1 symantec1 cvelist1 prion1 zdi1 openvas2 nessus1 securityvulns1 kaspersky1 threatpost1