CVE-2015-5424

Hewlett-Packard KeyView IDOL DOCX Parsing Remote Code Execution Vulnerability

Severity Score: 7.5 (CVSS v2)

Public Exploits: 0 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)

Descriptions

Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-2885.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard KeyView IDOL. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The flaw exists within the handling of DOCX files. It is possible to trigger a use-after-free while handling tag data within a DOCX. A remote attacker could exploit this vulnerability to execute arbitrary code under the context of the process.

*Credits: ASD - Vulnerability Research
CVSS Scores
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Partial
  • Integrity: Partial
  • Availability: Partial
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2015-07-07 CVE Reserved
  • 2015-08-24 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-09-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Hp | Keyview | >= 10.23.0.0 < 10.23.0.1 | - | Affected
Hp | Keyview | >= 10.24.0.0 < 10.24.0.1 | - | Affected