CVE-2015-2510

Microsoft Live Meeting Console - Memory Corruption

Title source: rule

Description

Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Graphics Component Buffer Overflow Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdoswindows

https://www.exploit-db.com/exploits/38217

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1033485

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1033500

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1033501

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/76593

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/38217/

[Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097

Scores

EPSS 0.7060

EPSS Percentile 98.7%

Details

CWE

CWE-119

Status published

Products (7)

microsoft/live_meeting_console 2007

microsoft/lync 2010 (3 CPE variants)

microsoft/lync 2013 sp1 (2 CPE variants)

microsoft/office 2007 sp3

microsoft/office 2010 sp2

microsoft/windows_server_2008

microsoft/windows_vista

Published Sep 09, 2015

Tracked Since Feb 18, 2026