Home

CVE-2015-1641

Description

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted RTF document, aka Microsoft Office Memory Corruption Vulnerability.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
93.624

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Microsoft Office Word 2007 (KB2965284)Windows
Security Update for Microsoft Office 2010 (KB2965236) 32-Bit EditionWindows
Security Update for Microsoft Office 2010 (KB2965236) 64-Bit EditionWindows
Security Update for Microsoft Word 2010 (KB2553428) 32-Bit EditionWindows
Security Update for Microsoft Word 2010 (KB2553428) 64-Bit EditionWindows
Security Update for Microsoft Word 2013 (KB2965224) 32-Bit EditionWindows
Security Update for Microsoft Word 2013 (KB2965224) 64-Bit EditionWindows
Security Update for Word Viewer (KB2965289)Windows
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210)Windows
Security Update for Microsoft SharePoint Server 2010 (KB2553164)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-17383Security Update for Microsoft Office Word 2007 (KB2965284)
PATCH-17384Security Update for Microsoft Office 2010 (KB2965236) 32-Bit Edition
PATCH-17385Security Update for Microsoft Office 2010 (KB2965236) 64-Bit Edition
PATCH-17386Security Update for Microsoft Word 2010 (KB2553428) 32-Bit Edition
PATCH-17388Security Update for Microsoft Word 2013 (KB2965224) 32-Bit Edition
PATCH-17389Security Update for Microsoft Word 2013 (KB2965224) 64-Bit Edition
PATCH-17392Security Update for Microsoft SharePoint Server 2010 (KB2553164)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234