CVE-2015-0097

Published: Mar 11, 2015Modified: May 6, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Word Local Zone Remote Code Execution Vulnerability."

Affected (7)

Products: Microsoft: Excel, Powerpoint, Word

3 products

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Microsoft Excel	Version 2007 sp3
Microsoft Excel	Version 2010 sp2
Microsoft Excel	Version 2010 sp2
Microsoft Powerpoint	Version 2007 sp3
Microsoft Powerpoint	Version 2010 sp2
Microsoft Word	Version 2007 sp3
Microsoft Word	Version 2010 sp2

Related CWEs

CWE-19

References (6)

http://www.securitytracker.com/id/1031896

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-022

Source: secure@microsoft.com

https://www.exploit-db.com/exploits/37657/

Source: secure@microsoft.com

http://www.securitytracker.com/id/1031896

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-022

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/37657/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.