CVEブラウザに戻る

CVE-2015-2424

Known Exploited (CISA KEV)HIGH

8.8

CVSS Severity Score

EPSS Score96.7910%

EPSS Percentile93.81th

Published2015年7月14日

Last Modified2026年4月22日

Vulnerability Description

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Affected Platforms (CPE)

📦

Microsoft

Excel Viewer

= 2007

📦

Microsoft

Office

= 2007

📦

Microsoft

Office

= 2010

📦

Microsoft

Office

= 2011

📦

Microsoft

Office

= 2013

📦

Microsoft

Office

= 2013

📦

Microsoft

Office Compatibility Pack

All versions

📦

Microsoft

Powerpoint

= 2007

📦

Microsoft

Powerpoint

= 2010

📦

Microsoft

Word

= 2013

📦

Microsoft

Word Viewer

All versions

References & Advisories

🔗 http://www.securitytracker.com/id/1032899

🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070

🔗 http://www.securitytracker.com/id/1032899

🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070

🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-2424

関連する脆弱性情報

CVE-2008-421110.0

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iP...

CVE-2008-00819.8

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted ...

CVE-2007-12039.3

Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assiste...

CVE-2007-00289.3

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcode...