CVSS: 9.3EPSS: 96%CPEs: 5EXPL: 1CVE-2015-2545 – Microsoft Office Malformed EPS File Vulnerability
https://notcve.org/view.php?id=CVE-2015-2545
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability." Vulnerabilidad en Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1 y 2013 RT SP1, permite a atacantes remotos ejecutar código arbitrario a través de una imagen EPS manipulada, también conocida como 'Microsoft Office Malformed EPS File Vulnerability.' Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image. • http://blog.morphisec.com/exploit-bypass-emet-cve-2015-2545 http://www.securitytracker.com/id/1033488 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-099 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 95%CPEs: 9EXPL: 1CVE-2015-2523 – Microsoft Excel 2007/2010/2013 - BIFFRecord Use-After-Free
https://notcve.org/view.php?id=CVE-2015-2523
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Vulnerabilidad en Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel para Mac 2011 y 2016, Office Compatibility Pack SP3 y Excel Viewer, permite a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado, también conocida como 'Microsoft Office Memory Corruption Vulnerability.' Microsoft Excel 2007 running on Windows 2003 suffers from a use-after-free vulnerability. • https://www.exploit-db.com/exploits/38214 http://www.securitytracker.com/id/1033488 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-099 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 89%CPEs: 5EXPL: 1CVE-2015-2469 – Microsoft Office 2007 - 'wwlib.dll' Type Confusion (MS15-081)
https://notcve.org/view.php?id=CVE-2015-2469
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office for Mac 2011 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." Vulnerabilidad en Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2 y Office para Mac 2011, permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado, también conocida como 'Microsoft Office Memory Corruption Vulnerability.' • https://www.exploit-db.com/exploits/37910 http://www.securitytracker.com/id/1033239 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 86%CPEs: 4EXPL: 0CVE-2015-1642 – Microsoft Office Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2015-1642
Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." Vulnerabilidad en Microsoft Office 2007 SP3, 2010 SP2 y 2013 SP1, permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado, también conocido como 'Microsoft Office Memory Corruption Vulnerability.' Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document. • http://www.securitytracker.com/id/1033239 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1203 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 58%CPEs: 6EXPL: 1CVE-2015-2470 – Microsoft Office 2007 - MSPTLS Heap Index Integer Underflow (MS15-081)
https://notcve.org/view.php?id=CVE-2015-2470
Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Integer Underflow Vulnerability." Vulnerabilidad de desbordamiento inferior de entero en Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office para Mac 2011 y Word Viewer, permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado, también conocida como 'Microsoft Office Integer Underflow Vulnerability'. • https://www.exploit-db.com/exploits/37924 http://www.securitytracker.com/id/1033239 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081 • CWE-189: Numeric Errors •