| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS15-012 | Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3032328) | Microsoft Office | Important | 11-02-2015 |
Technical Information
Brief overview of the risk:
This security update resolves three privately reported vulnerabilities in Microsoft Office. The vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user.
Detailed Information on the risk:
A remote code execution vulnerability exists in Microsoft Excel that is caused when Excel improperly handles objects in memory while parsing specially crafted Office files. This could corrupt system memory in such a way as to allow an attacker to execute arbitrary code.
Further information on this exploit is available at : MS15-012
Microsoft Office 2010
Microsoft Office 2013
Microsoft SharePoint Server 2010
Microsoft Office Web Apps 2010
Affected Software
Microsoft Office 2007Microsoft Office 2010
Microsoft Office 2013
Microsoft SharePoint Server 2010
Microsoft Office Web Apps 2010