SB2015081102 - Multiple vulnerabilities in Microsoft Office
Published: August 11, 2015
Description
This security bulletin contains information about 8 security vulnerabilities.
1) Integer underflow (CVE-ID: CVE-2015-2470)
The vulnerability allows a remote attacker to compromise a vulnerable system.
The vulnerability exists due to an integer underflow when processing Microsoft Office files. A remote attacker can trick the victim into opening a specially crafted Office file and execute arbitrary commands on the target system with the privileges of the current user.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
2) Memory corruption (CVE-ID: CVE-2015-2466)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing Microsoft Office documents. A remote unauthenticated attacker can create a specially crafted Office document, trick the victim into opening it and execute arbitrary code on the target system with the privileges of the current user.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
3) Input validation error (CVE-ID: CVE-2015-2423)
The vulnerability allows a remote attacker to compromise a vulnerable system.
The vulnerability exists due to an input validation error when processing command line parameters in Microsoft Office files at a medium integrity level within Internet Explorer running in Enhanced Protection Mode (EPM). A remote attacker can trick the victim into opening a specially crafted Office file and execute arbitrary commands on the target system with the privileges of the current user.
The vulnerability resides within Microsoft Windows, Internet Explorer, and Microsoft Office.
Successful exploitation of the vulnerability may allow an attacker to compromise the vulnerable system.
4) Memory corruption (CVE-ID: CVE-2015-2477)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing Microsoft Word documents. A remote unauthenticated attacker can create a specially crafted Word document, trick the victim into opening it and execute arbitrary code on the target system with the privileges of the current user.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
5) Memory corruption (CVE-ID: CVE-2015-2469)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing Microsoft Office documents. A remote unauthenticated attacker can create a specially crafted Office document, trick the victim into opening it and execute arbitrary code on the target system with the privileges of the current user.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
6) Memory corruption (CVE-ID: CVE-2015-2468)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing Microsoft Office documents. A remote unauthenticated attacker can create a specially crafted Office document, trick the victim into opening it and execute arbitrary code on the target system with the privileges of the current user.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
7) Memory corruption (CVE-ID: CVE-2015-2467)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing Microsoft Office documents. A remote unauthenticated attacker can create a specially crafted Office document, trick the victim into opening it and execute arbitrary code on the target system with the privileges of the current user.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
8) Memory corruption (CVE-ID: CVE-2015-1642)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing Microsoft Office documents. A remote unauthenticated attacker can create a specially crafted Office document, trick the victim into opening it and execute arbitrary code on the target system with the privileges of the current user.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Note: this vulnerability is being actively exploited.
Remediation
Install the update from the vendor's website.