CVE-2015-1642
HIGH KEVMicrosoft Office <2013 - RCE
Title source: llmDescription
Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
References (4)
Scores
CVSS v3
7.8
EPSS
0.7288
EPSS Percentile
98.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CISA KEV
2022-03-03
VulnCheck KEV
2015-02-27
InTheWild.io
2015-02-27
ENISA EUVD
EUVD-2015-1772
CWE
CWE-787
Status
published
Products (3)
microsoft/office
2007 sp3
microsoft/office
2010 sp2
microsoft/office
2013 sp1
Published
Aug 15, 2015
KEV Added
Mar 03, 2022
Tracked Since
Feb 18, 2026