Executive Summary

Summary
TitleVulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181)
Informations
NameMS15-046First vendor Publication2015-05-12
VendorMicrosoftLast vendor Modification2015-10-13
Severity (Vendor) ImportantRevision4.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Important
Revision Note: V4.0 (October 13, 2015): Revised bulletin to announce the availability of a new update (3085544) for Microsoft Office 2007 that addresses issues with the previously-released update (2965282). Customers running Microsoft Office 2007 are encouraged to install update 3085544 at the earliest opportunity to be fully protected from the vulnerability discussed in this bulletin. Customers running other Microsoft Office software do not need to take any action. See Microsoft Knowledge Base Article 3085544 for more information and download links.
Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS15-046

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28723
 
Oval ID: oval:org.mitre.oval:def:28723
Title: Microsoft Office memory corruption vulnerability – CVE-2015-1683 (MS15-046)
Description: Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2015-1683
Version: 3
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Microsoft Office 2007
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28645
 
Oval ID: oval:org.mitre.oval:def:28645
Title: Microsoft Office memory corruption vulnerability – CVE-2015-1682 (MS15-046)
Description: Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2013 RT SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office for Mac 2011, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, PowerPoint Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, Office Web Apps Server 2013 SP1, SharePoint Foundation 2010 SP2, and SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2015-1682
Version: 3
Platform(s): Microsoft Windows Server 2003
Microsoft Windows Vista
Microsoft Windows Server 2008
Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Microsoft Excel 2013
Microsoft Excel 2010
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office Web Apps 2010
Microsoft Office Web Apps Server 2013
Microsoft PowerPoint 2013
Microsoft PowerPoint 2010
Microsoft SharePoint Foundation 2010
Microsoft SharePoint Server 2010
Microsoft SharePoint Server 2013
Microsoft Word 2010
Microsoft Word 2013
Microsoft PowerPoint Viewer
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28547
 
Oval ID: oval:org.mitre.oval:def:28547
Title: Microsoft Office memory corruption vulnerability – CVE-2015-1682 (MS15-046)
Description: Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2013 RT SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office for Mac 2011, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, PowerPoint Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, Office Web Apps Server 2013 SP1, SharePoint Foundation 2010 SP2, and SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
Family: macos Class: vulnerability
Reference(s): CVE-2015-1682
Version: 3
Platform(s): Apple Mac OS X
Apple Mac OS X Server
Product(s): Microsoft Office 2011 for Mac
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application3
Application1
Application6
Application2
Application4
Application1
Application2
Application2
Application4

Information Assurance Vulnerability Management (IAVM)

DateDescription
2015-05-14IAVM : 2015-A-0103 - Multiple Vulnerabilities in Microsoft Office Products (MS15-046)
Severity : Category II - VMSKEY : V0060643

Snort® IPS/IDS

DateDescription
2015-06-17Microsoft Office Word incorrect ptCount element denial of service attempt
RuleID : 34429 - Revision : 3 - Type : FILE-OFFICE
2015-06-17Microsoft Office Word incorrect ptCount element denial of service attempt
RuleID : 34428 - Revision : 3 - Type : FILE-OFFICE

Nessus® Vulnerability Scanner

DateDescription
2015-05-13Name : An application installed on the remote Mac OS X host is affected by a remote ...
File : macosx_ms15-046_office_2011.nasl - Type : ACT_GATHER_INFO
2015-05-13Name : The remote host is affected by multiple remote code execution vulnerabilities.
File : smb_nt_ms15-046.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
DateInformations
2017-01-03 09:24:50
  • Multiple Updates
2015-10-18 17:26:32
  • Multiple Updates
2015-10-13 21:28:12
  • Multiple Updates
2015-10-13 21:16:32
  • Multiple Updates
2015-06-17 21:26:36
  • Multiple Updates
2015-06-09 21:30:51
  • Multiple Updates
2015-06-09 21:17:08
  • Multiple Updates
2015-05-20 00:30:00
  • Multiple Updates
2015-05-20 00:15:38
  • Multiple Updates
2015-05-14 13:28:21
  • Multiple Updates
2015-05-13 21:31:13
  • Multiple Updates
2015-05-13 17:29:40
  • Multiple Updates
2015-05-12 21:30:29
  • Multiple Updates
2015-05-12 21:17:01
  • First insertion