CVSS: 9.3EPSS: 73%CPEs: 10EXPL: 1CVE-2015-2510 – Microsoft Office 2007 - 'OGL.dll' ValidateBitmapInfo Bounds Check Failure (MS15-097)
https://notcve.org/view.php?id=CVE-2015-2510
Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Graphics Component Buffer Overflow Vulnerability." Vulnerabilidad de desbordamiento de Buffer en Adobe Type Manager Library en Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1 y Live Meeting 2007 Console, permite a atacantes remotos ejecutar código arbitrario a través de una fuente OpenType manipulada, también conocida como 'Graphics Component Buffer Overflow Vulnerability.' A bounds check crash was observed in Microsoft Office 2007 Excel with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office 2010 or 2013. • https://www.exploit-db.com/exploits/38217 http://www.securityfocus.com/bid/76593 http://www.securitytracker.com/id/1033485 http://www.securitytracker.com/id/1033500 http://www.securitytracker.com/id/1033501 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 96%CPEs: 5EXPL: 1CVE-2015-2545 – Microsoft Office Malformed EPS File Vulnerability
https://notcve.org/view.php?id=CVE-2015-2545
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability." Vulnerabilidad en Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1 y 2013 RT SP1, permite a atacantes remotos ejecutar código arbitrario a través de una imagen EPS manipulada, también conocida como 'Microsoft Office Malformed EPS File Vulnerability.' Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image. • http://blog.morphisec.com/exploit-bypass-emet-cve-2015-2545 http://www.securitytracker.com/id/1033488 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-099 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 89%CPEs: 1EXPL: 1CVE-2015-2467 – Microsoft Office 2007 - 'mso.dll' Use-After-Free (MS15-081)
https://notcve.org/view.php?id=CVE-2015-2467
Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." Vulnerabilidad en Microsoft Office 2007 SP3, permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado, también conocida como 'Microsoft Office Memory Corruption Vulnerability.' • https://www.exploit-db.com/exploits/37913 http://www.securitytracker.com/id/1033239 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 89%CPEs: 5EXPL: 1CVE-2015-2469 – Microsoft Office 2007 - 'wwlib.dll' Type Confusion (MS15-081)
https://notcve.org/view.php?id=CVE-2015-2469
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office for Mac 2011 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." Vulnerabilidad en Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2 y Office para Mac 2011, permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado, también conocida como 'Microsoft Office Memory Corruption Vulnerability.' • https://www.exploit-db.com/exploits/37910 http://www.securitytracker.com/id/1033239 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 86%CPEs: 4EXPL: 0CVE-2015-1642 – Microsoft Office Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2015-1642
Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." Vulnerabilidad en Microsoft Office 2007 SP3, 2010 SP2 y 2013 SP1, permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado, también conocido como 'Microsoft Office Memory Corruption Vulnerability.' Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document. • http://www.securitytracker.com/id/1033239 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1203 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •