Vulnerability Name: CVE-2015-0085 (CCN-101147) Assigned: 2014-11-18 Published: 2015-03-10 Updated: 2018-10-12 Summary: Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold and SP1, Word 2013 RT Gold and SP1, Excel Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Excel Services on SharePoint Server 2013 Gold and SP1, Word Automation Services on SharePoint Server 2013 Gold and SP1, Web Applications 2010 SP2, Office Web Apps Server 2010 SP2, Web Apps Server 2013 Gold and SP1, SharePoint Server 2007 SP3, Windows SharePoint Services 3.0 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1, and SharePoint Server 2013 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability."CWE-416: Use After Free CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H )Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C )6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C )6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C )Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: MITRE Type: CNACVE-2015-0085 Source: CCN Type: Microsoft Security Bulletin MS15-022Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3038999) Source: CCN Type: Microsoft Security Bulletin MS15-099Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664) Source: CCN Type: Microsoft Security Bulletin MS15-110Security Updates for Microsoft Office (3096440) Source: CCN Type: Microsoft Security Bulletin MS15-116Security Updates for Microsoft Office to Address Remote Code Execution (3104540) Source: CCN Type: Microsoft Security Bulletin MS15-131Security Update for Microsoft Office to Address Remote Code Execution (3116111) Source: CCN Type: Microsoft Security Bulletin MS16-004Security Update for Microsoft Office to Address Remote Code Execution - Critical (3124585) Source: CCN Type: Microsoft Security Bulletin MS16-015Security Update for Microsoft Office to Address Remote Code Execution (3134226) Source: CCN Type: Microsoft Security Bulletin MS16-029Security Update for Microsoft Office to Address Remote Code Execution (3141806) Source: CCN Type: Microsoft Security Bulletin MS16-042Security Update for Microsoft Office (3148775) Source: CCN Type: Microsoft Security Bulletin MS16-054Security Update for Microsoft Office (3155544) Source: CCN Type: Microsoft Security Bulletin MS16-070Security Update for Office (3163610) Source: CCN Type: Microsoft Security Bulletin MS16-088Security Updates for Office (3170008) Source: CCN Type: Microsoft Security Bulletin MS16-099Security Update for Office (3177451) Source: CCN Type: Microsoft Security Bulletin MS16-107Security Update for Microsoft Office (3185852) Source: CCN Type: Microsoft Security Bulletin MS16-121Security Update for Microsoft Office (3194063) Source: CCN Type: Microsoft Security Bulletin MS16-133Security Update for Microsoft Office (3199168) Source: CCN Type: Microsoft Security Bulletin MS16-148Security Update for Microsoft Office (3204068) Source: CCN Type: Microsoft Security Bulletin MS17-002Security Update for Microsoft Office (3214291) Source: CCN Type: Microsoft Security Bulletin MS17-013Security Update for Microsoft Graphics Component (4013075) Source: CCN Type: Microsoft Security Bulletin MS17-014Security Update for Microsoft Office (4013241) Source: SECTRACK Type: UNKNOWN1031896 Source: MS Type: UNKNOWNMS15-022 Source: XF Type: UNKNOWNms-office-cve20150085-code-exec(101147) Source: CCN Type: ZDI-15-088Microsoft Word Format Tag Transposition Use-After-Free Remote Code Execution Vulnerability Vulnerable Configuration: Configuration 1 :cpe:/a:microsoft:excel:2007:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:excel:2010:sp2:*:*:*:*:x86:* OR cpe:/a:microsoft:excel:2010:sp2:*:*:*:x86:*:* OR cpe:/a:microsoft:excel_viewer:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:office:2010:sp2:*:*:*:*:x64:* OR cpe:/a:microsoft:office:2010:sp2:*:*:*:*:x86:* OR cpe:/a:microsoft:office:2013:*:*:*:gold:*:*:* OR cpe:/a:microsoft:office:2013:*:*:*:rt_gold:*:*:* OR cpe:/a:microsoft:office:2013:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:office_web_apps_server:2010:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office_web_apps_server:2013:*:*:*:gold:*:*:* OR cpe:/a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:powerpoint:2007:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:powerpoint:2010:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_foundation:2013:-:-:*:gold:*:*:* OR cpe:/a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_server:2013:-:-:*:gold:*:*:* OR cpe:/a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_services:3.0:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:web_applications:2010:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:word:2007:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:word:2010:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:word:2013:*:*:*:gold:*:*:* OR cpe:/a:microsoft:word:2013:*:*:*:rt_gold:*:*:* OR cpe:/a:microsoft:word:2013:sp1:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:microsoft:excel_viewer:*:*:*:*:*:*:*:* OR cpe:/a:microsoft:office:2007:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:powerpoint:2007:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:excel:2007:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:word:2007:sp3:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_server:2007:sp3:x64:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_server:2013:*:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_foundation:2013:*:*:*:*:*:*:* OR cpe:/a:microsoft:office:2010:sp2:*:*:*:*:x64:* OR cpe:/a:microsoft:office:2013:sp1:x32:*:*:*:*:* OR cpe:/a:microsoft:office:2013:-:-:*:-:-:x64:* OR cpe:/a:microsoft:office:2010:sp2:x32:*:*:*:*:* OR cpe:/a:microsoft:excel:2010:sp2:*:*:*:*:x64:* OR cpe:/a:microsoft:excel:2010:sp2:*:*:*:*:x32:* OR cpe:/a:microsoft:office:2013:*:*:*:rt:*:*:* OR cpe:/a:microsoft:office_web_apps:2013:*:*:*:*:*:*:* OR cpe:/a:microsoft:word:2010:sp2:*:*:*:*:x32:* OR cpe:/a:microsoft:word:2010:sp2:*:*:*:*:x64:* OR cpe:/a:microsoft:word:2013:*:*:*:*:*:x32:* OR cpe:/a:microsoft:word:2013:*:*:*:*:*:x64:* OR cpe:/a:microsoft:word:2013:*:*:*:rt:*:*:* OR cpe:/a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:* OR cpe:/a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:office:2013:sp1:x32:*:*:*:*:* OR cpe:/a:microsoft:office:2013:sp1:*:*:*:*:x64:* OR cpe:/a:microsoft:office:2013:sp1:*:*:rt:*:*:* OR cpe:/a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:sharepoint_foundation:2013:sp1:*:*:*:*:*:* OR cpe:/a:microsoft:word:2013:sp1:*:*:*:*:x32:* OR cpe:/a:microsoft:word:2013:sp1:*:*:*:*:x64:* OR cpe:/a:microsoft:word:2013:sp1:*:*:rt:*:*:* OR cpe:/a:microsoft:powerpoint:2010:sp2:*:*:*:*:x32:* OR cpe:/a:microsoft:powerpoint:2010:sp2:*:*:*:*:x64:* Denotes that component is vulnerable Oval Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:28631 V Microsoft office component use after free vulnerability - CVE-2015-0085 (MS15-022) 2015-06-15
BACK
microsoft excel 2007 sp3
microsoft excel 2010 sp2
microsoft excel 2010 sp2
microsoft excel viewer *
microsoft office 2010 sp2
microsoft office 2010 sp2
microsoft office 2013
microsoft office 2013
microsoft office 2013 sp1
microsoft office compatibility pack * sp3
microsoft office web apps server 2010 sp2
microsoft office web apps server 2013
microsoft office web apps server 2013 sp1
microsoft powerpoint 2007 sp3
microsoft powerpoint 2010 sp2
microsoft sharepoint foundation 2010 sp2
microsoft sharepoint foundation 2013 -
microsoft sharepoint foundation 2013 sp1
microsoft sharepoint server 2007 sp3
microsoft sharepoint server 2010 sp2
microsoft sharepoint server 2013 -
microsoft sharepoint server 2013 sp1
microsoft sharepoint services 3.0 sp3
microsoft web applications 2010 sp2
microsoft word 2007 sp3
microsoft word 2010 sp2
microsoft word 2013
microsoft word 2013
microsoft word 2013 sp1
microsoft excel viewer *
microsoft office 2007 sp3
microsoft powerpoint 2007 sp3
microsoft excel 2007 sp3
microsoft office compatibility pack * sp3
microsoft word 2007 sp3
microsoft sharepoint server 2007 sp3
microsoft sharepoint server 2013
microsoft sharepoint server 2010 sp2
microsoft sharepoint foundation 2010 sp2
microsoft sharepoint foundation 2013
microsoft office 2010 sp2
microsoft office 2013 sp1
microsoft office 2013 -
microsoft office 2010 sp2
microsoft excel 2010 sp2
microsoft excel 2010 sp2
microsoft office 2013
microsoft office web apps 2013
microsoft word 2010 sp2
microsoft word 2010 sp2
microsoft word 2013
microsoft word 2013
microsoft word 2013
microsoft office web apps 2010 sp2
microsoft office web apps 2013 sp1
microsoft office 2013 sp1
microsoft office 2013 sp1
microsoft office 2013 sp1
microsoft sharepoint server 2013 sp1
microsoft sharepoint foundation 2013 sp1
microsoft word 2013 sp1
microsoft word 2013 sp1
microsoft word 2013 sp1
microsoft powerpoint 2010 sp2
microsoft powerpoint 2010 sp2