Home

CVE-2015-2424

Description

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka Microsoft Office Memory Corruption Vulnerability.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
84.282

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Microsoft Office Excel 2007 (KB2965281)Windows
Security Update for Microsoft Office PowerPoint 2007 (KB2965283)Windows
Security Update for Microsoft Office Word 2007 (KB3054996)Windows
Security Update for Microsoft Office 2010 (KB3054971) 32-Bit EditionWindows
Security Update for Microsoft Office 2010 (KB3054971) 64-Bit EditionWindows
Security Update for Microsoft Excel 2010 (KB3054981) 32-Bit EditionWindows
Security Update for Microsoft Excel 2010 (KB3054981) 64-Bit EditionWindows
Security Update for Microsoft PowerPoint 2010 (KB3054963) 32-Bit EditionWindows
Security Update for Microsoft PowerPoint 2010 (KB3054963) 64-Bit EditionWindows
Security Update for Microsoft Word 2010 (KB3054973) 32-Bit EditionWindows
Security Update for Microsoft Word 2010 (KB3054973) 64-Bit EditionWindows
Security Update for Microsoft Excel 2013 (KB3054949) 32-Bit EditionWindows
Security Update for Microsoft Excel 2013 (KB3054949) 64-Bit EditionWindows
Security Update for Microsoft PowerPoint 2013 (KB3054999) 32-Bit EditionWindows
Security Update for Microsoft PowerPoint 2013 (KB3054999) 64-Bit EditionWindows
Security Update for Microsoft Word 2013 (KB3054990) 32-Bit EditionWindows
Security Update for Microsoft Word 2013 (KB3054990) 64-Bit EditionWindows
Security Update for Microsoft Office Excel Viewer 2007 (KB2965209)Windows
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965208)Windows
Security Update for Word Viewer (KB3054958)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-18112Security Update for Microsoft Office Excel 2007 (KB2965281)
PATCH-18113Security Update for Microsoft Office PowerPoint 2007 (KB2965283)
PATCH-18114Security Update for Microsoft Office Word 2007 (KB3054996)
PATCH-18115Security Update for Microsoft Office 2010 (KB3054971) 32-Bit Edition
PATCH-18116Security Update for Microsoft Office 2010 (KB3054971) 64-Bit Edition
PATCH-18117Security Update for Microsoft Excel 2010 (KB3054981) 32-Bit Edition
PATCH-18118Security Update for Microsoft Excel 2010 (KB3054981) 64-Bit Edition
PATCH-18119Security Update for Microsoft PowerPoint 2010 (KB3054963) 32-Bit Edition
PATCH-18121Security Update for Microsoft Word 2010 (KB3054973) 32-Bit Edition
PATCH-18123Security Update for Microsoft Excel 2013 (KB3054949) 32-Bit Edition
PATCH-18124Security Update for Microsoft Excel 2013 (KB3054949) 64-Bit Edition
PATCH-18125Security Update for Microsoft PowerPoint 2013 (KB3054999) 32-Bit Edition
PATCH-18126Security Update for Microsoft PowerPoint 2013 (KB3054999) 64-Bit Edition
PATCH-18127Security Update for Microsoft Word 2013 (KB3054990) 32-Bit Edition
PATCH-18128Security Update for Microsoft Word 2013 (KB3054990) 64-Bit Edition
PATCH-18129Security Update for Microsoft Office Excel Viewer 2007 (KB2965209)
PATCH-18130Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965208)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234