Published: 14/04/2015 Updated: 12/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps Server 2010 SP2 allows remote malicious users to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft office 2010
microsoft word viewer
microsoft office compatibility pack
microsoft sharepoint server 2010
microsoft word 2007
microsoft sharepoint server 2013
microsoft office web apps 2010
microsoft office web apps 2013
microsoft word 2010
microsoft word 2013

Microsoft Security Updates April 2015

Securelist • Kurt Baumgartner • 14 Apr 2015

Microsoft releases 11 Security Bulletins (MS15-032 through MS15-042) today, addressing a list of over 25 CVE-identified vulnerabilities for April of 2015. Critical vulnerabilities are fixed in Internet Explorer, Microsoft Office, and the network and graphics stacks. Most of the critical remote code execution (RCE) vulnerabilities reside in the IE memory corruption bugs for all versions of Internet Explorer (6-11) and the Microsoft Office use-after-free. updated: However, they appear to *almost...

CVE-2015-1649

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect