Description
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Google Security Research · textdoswindows
https://www.exploit-db.com/exploits/38216
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033488
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-099
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/38216/
Scores
EPSS
0.6918
EPSS Percentile
98.7%
Details
CWE
CWE-119
Status
published
Products (4)
microsoft/excel
2007 sp3
microsoft/excel
2010 sp2 (2 CPE variants)
microsoft/excel_viewer
microsoft/office_compatibility_pack
Published
Sep 09, 2015
Tracked Since
Feb 18, 2026