[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

Privilege escalation vulnerability in Microsoft Office - CVE-2015-2503

ID: oval:org.secpod.oval:def:31390Date: (C)2015-11-16   (M)2023-09-15
Class: VULNERABILITYFamily: windows




The host is installed with Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Project 2010 SP2, Publisher 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Access 2013 SP1, Excel 2013 SP1, InfoPath 2013 SP1, OneNote 2013 SP1, PowerPoint 2013 SP1, Project 2013 SP1, Publisher 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Access 2016, Excel 2016, OneNote 2016, PowerPoint 2016, Project 2016, Publisher 2016, Visio 2016, Word 2016 or Lync 2013 SP1 and is prone to a privilege escalation vulnerability. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful exploitation could allow attackers to run arbitrary code in the context of the current user.

Platform:
Microsoft Windows Server 2022
Microsoft Windows 11
Microsoft Windows Server 2019
Microsoft Windows Server 2016
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows 10
Microsoft Windows Server 2008 R2
Product:
Microsoft Excel 2007
Microsoft Excel 2010
Microsoft Excel 2013
Microsoft Excel 2016
Microsoft InfoPath 2007
Microsoft InfoPath 2010
Microsoft Infopath 2013
Microsoft Lync Basic 2013
Microsoft Office Access 2007
Microsoft Office Access 2010
Microsoft Office Access 2013
Microsoft Office Access 2016
Microsoft Office IME Japanese 2007
Microsoft Office OneNote 2007
Microsoft OneNote 2010
Microsoft OneNote 2013
Microsoft OneNote 2016
Microsoft PowerPoint 2007
Microsoft PowerPoint 2010
Microsoft PowerPoint 2013
Microsoft Powerpoint 2016
Microsoft Project 2007
Microsoft Project 2010
Microsoft Project 2013
Microsoft Project 2016
Microsoft Publisher 2007
Microsoft Publisher 2010
Microsoft Publisher 2013
Microsoft Publisher 2016
Microsoft Visio 2007
Microsoft Visio 2010
Microsoft Visio 2013
Microsoft Visio 2016
Microsoft Word 2007
Microsoft Word 2010
Microsoft Word 2013
Microsoft Word 2016
Reference:
CVE-2015-2503
CVE    1
CVE-2015-2503
CPE    72
cpe:/a:microsoft:visio:2007:sp3
cpe:/a:microsoft:powerpoint:2010:sp2
cpe:/a:microsoft:excel:2010:sp2:~~~~x64~
cpe:/a:microsoft:publisher:2013:sp1
...

© SecPod Technologies