SB2015071402 - Multiple vulnerabilities in Microsoft Office
Published: July 14, 2015 Updated: February 27, 2017
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 7 secuirty vulnerabilities.
1) Security bypass (CVE-ID: CVE-2015-2375)
The vulnerability allows a remote attacker to bypass Address Space Layout Randomization on the target system.The weakness exists due to insecure memory release. A remote attacker can create a specially crafted Excel file, trick the victim into opening it and bypass ASLR mechanism.
Successful exploitation of this vulnerability results in security bypass on the vulnerable system.
2) Untrusted Search Path (CVE-ID: CVE-2015-2378)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insecure .dll loading when processing Excel files. A remote attacker can place a specially crafted DLL file on a remote SMB or WebDav share along with Excel document, trick the victim into opening it and execute arbitrary code with privileges of the current user.
Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.
3) Memory corruption (CVE-ID: CVE-2015-2415)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing Excel files. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.
4) Memory corruption (CVE-ID: CVE-2015-2380)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when handling malicious Word file. A remote attacker can create a specially crafted Microsoft Word file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.
5) Memory corruption (CVE-ID: CVE-2015-2379)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing Microsoft Word files. A remote attacker can create a specially crafted Word file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.
6) Memory corruption (CVE-ID: CVE-2015-2377)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing Excel files. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.
7) Memory corruption (CVE-ID: CVE-2015-2376)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to boundary error when processing Excel files. A remote attacker can create a specially crafted Excel file, trick the victim into opening it, cause memory corruption and execute arbitrary code with privileges of the current user.
Successful exploitation of this vulnerability results in arbitrary code execution on the vulnerable system.
Remediation
Install update from vendor's website.