CVE Vulnerabilities

CVE-2015-1650

Published: Apr 14, 2015 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka Microsoft Office Component Use After Free Vulnerability.

Affected Software

Name Vendor Start Version End Version
Word Microsoft 2013 2013
Office_web_apps Microsoft 2013 2013
Office Microsoft 2010 2010
Office_web_apps Microsoft 2010 2010
Sharepoint_server Microsoft 2010 2010
Sharepoint_server Microsoft 2013 2013
Office_compatibility_pack Microsoft * *
Word Microsoft 2010 2010
Word_viewer Microsoft * *
Office Microsoft 2010 2010
Word Microsoft 2007 2007

References