Detections
Analytics

MS15-033: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3048019)

high Nessus Plugin ID 82769

Language:

Synopsis

The remote host is affected by multiple remote code execution vulnerabilities.

Description

The remote Windows host has a version of Microsoft Office, Office Compatibility Pack, Microsoft Word, Microsoft Word Viewer, SharePoint Server, or Microsoft Office Web Apps installed that is affected by multiple remote code execution vulnerabilities :

 - A remote code execution vulnerability exists due to improper handling rich text format files in memory. A remote attacker can exploit this vulnerability by convincing a user to open a specially crafted file using the affected software, resulting in execution of arbitrary code in the context of the current user.
 (CVE-2015-1641)

 - Multiple use-after-free errors exist due to improper parsing specially crafted Office files. A remote attacker can exploit these errors by convincing a user to open a specially crafted file using the affected software, resulting in execution of arbitrary code in the context of the current user. (CVE-2015-1649, CVE-2015-1650, CVE-2015-1651)

Solution

Microsoft has released a set of patches for Office 2010, Word 2007, 2010, 2013, Office Compatibility Pack, Microsoft Word Viewer, SharePoint Server, and Office Web Apps.

See Also

https://technet.microsoft.com/library/security/ms15-033

Plugin Details

Severity: High

ID: 82769

File Name: smb_nt_ms15-033.nasl

Version: 1.17

Type: local

Agent: windows

Published: 4/14/2015

Updated: 2/16/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.8

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:microsoft:sharepoint_server, cpe:/a:microsoft:office_web_apps, cpe:/a:microsoft:office_compatibility_pack, cpe:/a:microsoft:word_viewer, cpe:/a:microsoft:office

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/14/2015

Vulnerability Publication Date: 4/14/2015

CISA Known Exploited Vulnerability Due Dates: 5/3/2022

Reference Information

CVE: CVE-2015-1641, CVE-2015-1649, CVE-2015-1650, CVE-2015-1651

BID: 73991, 74007, 74011, 74012

IAVA: 2015-A-0090-S

MSFT: MS15-033

MSKB: 2553164, 2553428, 2965210, 2965215, 2965224, 2965236, 2965238, 2965284, 2965289, 2965306