MS15-110: Security Updates for Microsoft Office to Address Remote Code Execution (3089440)

high Nessus Plugin ID 86374

Language:

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The remote Windows host has a version of Microsoft Office, Excel, Excel Viewer, SharePoint Server, Microsoft Office Compatibility Pack, or Microsoft Office Web Apps installed that is affected by multiple vulnerabilities :

- Multiple remote code execution vulnerabilities exist due to improper handling of objects in memory. A remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file, resulting in execution of arbitrary code in the context of the current user. (CVE-2015-2555, CVE-2015-2557, CVE-2015-2558)

- An information disclosure vulnerability exists in the SharePoint InfoPath Forms Services due to improper parsing of document type definitions (DTD) in XML files.
A remote attacker can exploit this, via a crafted XML file, to browse the contents of arbitrary files on a SharePoint server. (CVE-2015-2556)

- A cross-site scripting vulnerability exists in Office Web Apps Server due to improper sanitization of crafted requests before returning it to the user. A remote attacker can exploit this to run arbitrary script code in the user's browser session. (CVE-2015-6037)

- A security feature bypass vulnerability exists in SharePoint due to improper enforcement of permission levels for applications or users. This allows Office Marketplace to inject JavaScript code that will persist in a SharePoint page. A remote attacker can exploit this to conduct a cross-site scripting attack, resulting in execution of arbitrary code in the user's browser session. (CVE-2015-6039)

Solution

Microsoft has released a set of patches for Office 2007, 2010, 2013, 2013 RT, 2016; SharePoint Server 2007, 2010, 2013; Microsoft Office Compatibility Pack SP3; Microsoft Excel Viewer; and Microsoft Office Web Apps 2010, 2013.

Plugin Details

Severity: High

ID: 86374

File Name: smb_nt_ms15-110.nasl

Version: 1.10

Type: local

Agent: windows

Family: Windows : Microsoft Bulletins

Published: 10/13/2015

Updated: 7/30/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:microsoft:office, cpe:/a:microsoft:excel_viewer, cpe:/a:microsoft:excel, cpe:/a:microsoft:visio, cpe:/a:microsoft:sharepoint_server, cpe:/a:microsoft:office_web_apps, cpe:/a:microsoft:office_compatibility_pack

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Ease: No known exploits are available

Patch Publication Date: 10/13/2015

Vulnerability Publication Date: 10/13/2015

Reference Information

CVE: CVE-2015-2555, CVE-2015-2556, CVE-2015-2557, CVE-2015-2558, CVE-2015-6037, CVE-2015-6039

BID: 76988, 76996, 76997, 77003, 77009, 77011

MSFT: MS15-110

MSKB: 2553405, 2596670, 2920693, 3054994, 3085514, 3085520, 3085542, 3085567, 3085568, 3085571, 3085582, 3085583, 3085595, 3085596, 3085609, 3085615, 3085618, 3085619

Detections

Analytics