CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-2424

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.6

EPSS Ranking 98.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.3

Proposed Action

Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document.

Ransomware Campaign

Unknown

References

Products affected by CVE-2015-2424

Microsoft » Excel Viewer » Version: 2007

cpe:2.3:a:microsoft:excel_viewer:2007
Microsoft » Office » Version: 2007

cpe:2.3:a:microsoft:office:2007
Microsoft » Office » Version: 2010

cpe:2.3:a:microsoft:office:2010
Microsoft » Office » Version: 2011

cpe:2.3:a:microsoft:office:2011
Microsoft » Office » Version: 2013

cpe:2.3:a:microsoft:office:2013
Microsoft » Office Compatibility Pack » Version: N/A

cpe:2.3:a:microsoft:office_compatibility_pack:-
Microsoft » Powerpoint » Version: 2007

cpe:2.3:a:microsoft:powerpoint:2007
Microsoft » Powerpoint » Version: 2010

cpe:2.3:a:microsoft:powerpoint:2010
Microsoft » Word » Version: 2013

cpe:2.3:a:microsoft:word:2013
Microsoft » Word Viewer » Version: N/A

cpe:2.3:a:microsoft:word_viewer:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-2424

Products

Pricing

Contact Us