Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2015-6037 | First vendor Publication | 2015-10-13 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:S/C:N/I:P/A:N) | |||
---|---|---|---|
Cvss Base Score | 3.5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Medium |
Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cross-site scripting (XSS) vulnerability in Microsoft Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, Office Web Apps Server 2013 SP1, and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, aka "Microsoft Office Web Apps XSS Spoofing Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6037 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 2 | |
Application | 1 | |
Application | 2 |
Snort® IPS/IDS
Date | Description |
---|---|
2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47204 - Revision : 1 - Type : FILE-OFFICE |
2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47203 - Revision : 1 - Type : FILE-OFFICE |
2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47202 - Revision : 2 - Type : FILE-OFFICE |
2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47201 - Revision : 2 - Type : FILE-OFFICE |
2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47200 - Revision : 1 - Type : FILE-OFFICE |
2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47199 - Revision : 1 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel malformed binary format use after free attempt RuleID : 36430 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel malformed binary format use after free attempt RuleID : 36429 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Visio lmetaclasscount buffer overflow attempt RuleID : 36428 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Visio lmetaclasscount buffer overflow attempt RuleID : 36427 - Revision : 2 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 36426 - Revision : 3 - Type : FILE-OFFICE |
2016-03-14 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 36425 - Revision : 3 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-10-14 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms15-110_office.nasl - Type : ACT_GATHER_INFO |
2015-10-13 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms15-110.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Source | Url |
---|---|
MS | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15... |
SECTRACK | http://www.securitytracker.com/id/1033803 http://www.securitytracker.com/id/1033804 |
Alert History
Date | Informations |
---|---|
2021-05-04 12:41:23 |
|
2021-04-22 01:50:17 |
|
2020-05-23 00:46:22 |
|
2018-10-13 05:18:56 |
|
2016-12-09 00:23:49 |
|
2016-12-08 09:23:50 |
|
2015-10-20 16:21:12 |
|
2015-10-15 05:23:21 |
|
2015-10-14 13:24:00 |
|
2015-10-14 09:23:16 |
|