Description
Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Integer Underflow Vulnerability."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/37924
References (3)
Core 3
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/37924/
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033239
Scores
EPSS
0.6676
EPSS Percentile
98.6%
Details
CWE
CWE-189
Status
published
Products (5)
microsoft/office
2010 sp2 (2 CPE variants)
microsoft/office
2011
microsoft/office
2013 sp1
microsoft/word
2007 sp3
microsoft/word_viewer
Published
Aug 15, 2015
Tracked Since
Feb 18, 2026