Armis Vulnerability Intelligence Database

Description Preview

The vulnerability in Microsoft Office versions 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to exploit a memory corruption issue by enticing a user to open a specially crafted document. This could lead to the execution of arbitrary code on the victim's system, potentially resulting in unauthorized access, data theft, or further compromise of the affected system.

Overview

This vulnerability affects Microsoft Office versions 2007 SP3, 2010 SP2, and 2013 SP1, allowing remote attackers to execute arbitrary code through a crafted document. The issue stems from a memory corruption vulnerability within the software, which could be exploited by enticing a user to open a malicious document. Successful exploitation of this vulnerability could lead to unauthorized code execution on the victim's system.

Remediation

To mitigate the risk associated with this vulnerability, Microsoft has released security updates addressing the memory corruption issue in affected versions of Microsoft Office. Users are advised to apply the necessary security patches provided by Microsoft to prevent potential exploitation of this vulnerability. Additionally, users should exercise caution when opening documents from untrusted or unknown sources to minimize the risk of falling victim to such attacks.

References

Microsoft Security Bulletin MS15-081: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081
SecurityTracker Advisory ID 1033239: http://www.securitytracker.com/id/1033239
Verisign Advisory on Microsoft Word "TaskSymbol Control" Use After Free Vulnerability: https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1203

Early Warning

Armis Early Warning customers received an advanced alert on this vulnerability.

Armis Alert Date: Feb 27, 2015
CISA KEV Date: Mar 3, 2022

2561days early

Learn More

Industry ExposureMost to least
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

Manufacturing
Manufacturing
Health Care & Social Assistance
Health Care & Social Assistance
Public Administration
Public Administration
Transportation & Warehousing
Transportation & Warehousing
Finance and Insurance
Finance and Insurance
Utilities
Utilities
Educational Services
Educational Services
Retail Trade
Retail Trade
Professional, Scientific, & Technical Services
Professional, Scientific, & Technical Services
Arts, Entertainment & Recreation
Arts, Entertainment & Recreation
Management of Companies & Enterprises
Management of Companies & Enterprises
Other Services (except Public Administration)
Other Services (except Public Administration)
Accommodation & Food Services
Accommodation & Food Services
Wholesale Trade
Wholesale Trade
Administrative, Support, Waste Management & Remediation Services
Administrative, Support, Waste Management & Remediation Services
Agriculture, Forestry Fishing & Hunting
Agriculture, Forestry Fishing & Hunting
Construction
Construction
Information
Information
Mining
Mining
Real Estate Rental & Leasing
Real Estate Rental & Leasing

^{CVE-2015-1642:}Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."