← Back

CVE-2015-2558

nvd nist
Published: Oct 14, 2015Modified: May 6, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a long fileVersion element in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Affected (14)

Microsoft
6 products
Excel
Excel For Mac
Excel Viewer
Office Compatibility Pack
Office Sharepoint Server
Sharepoint Server
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Excel
Version 2007 sp3
Excel
Version 2010 sp2
Excel
Version 2010 sp2
Excel
Version 2013 sp1
Excel
Version 2013 sp1
Excel
Version 2016
Microsoft
Excel For Mac
Version 2011
Excel For Mac
Version 2016
Excel Viewer
All versions
Office Compatibility Pack
All versions
Microsoft
Office Sharepoint Server
Version 2007 sp3
Office Sharepoint Server
Version 2007 sp3
Microsoft
Sharepoint Server
Version 2010 sp2
Sharepoint Server
Version 2013 sp1

References (6)

Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
Third Party AdvisoryVDB Entry
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.