CVE-2015-0063

Published Feb 11, 2015

Last updated a year ago

Overview

Description: Microsoft Excel 2007 SP3; the proofing tools in Office 2010 SP2; Excel 2010 SP2; Excel 2013 Gold, SP1, and RT; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Excel Remote Code Execution Vulnerability."
Source: secure@microsoft.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 9.3
Impact score: 10
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-399

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44BC7B7B-7191-431C-8CAE-83B3F0EFF03E"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "971EC323-267F-4DAF-BA3B-10A47A9F1ADA"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2007:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94F5E2F8-0D37-4FCC-B55A-9F09C421272C"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:x64:*",
            "vulnerable": true,
            "matchCriteriaId": "5E01525C-A3AB-4AB7-82F9-B91E4D552FD7"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:x86:*",
            "vulnerable": true,
            "matchCriteriaId": "E28626D8-AF3A-487F-BAAB-3955E44D2A35"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2013:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0390EFCA-87B4-42D6-817A-603765F49816"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:excel:2013:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "928192DB-8C38-49BE-83E6-E2C601653E2D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:office:2010:sp2:x64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69998A67-CB15-4217-8AD6-43F9BA3C6454"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:office:2010:sp2:x86:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "349E9084-8116-43E9-8B19-CA521C96660D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References