<< Back
CVE Number Vulnerability Product Severity Date
MS15-012 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3032328) Microsoft Office Important 11-02-2015

Technical Information

Brief overview of the risk:
This security update resolves three privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user.

Detailed Information on the risk:

A remote code execution vulnerability exists in Microsoft Excel that is caused when Excel improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.


Further information on this exploit is available at : MS15-012

Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
Microsoft SharePoint Server 2010
Microsoft Office Web Apps 2010

Affected Software

Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
Microsoft SharePoint Server 2010
Microsoft Office Web Apps 2010