Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2015-2556 | First vendor Publication | 2015-10-13 |
| Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4.3 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The InfoPath Forms Services component in Microsoft SharePoint Server 2007 SP3 and 2010 SP2 misparses DTDs, which allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka "Microsoft SharePoint Information Disclosure Vulnerability." |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2556 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-200 | Information Exposure |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47204 - Revision : 1 - Type : FILE-OFFICE |
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47203 - Revision : 1 - Type : FILE-OFFICE |
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47202 - Revision : 2 - Type : FILE-OFFICE |
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47201 - Revision : 2 - Type : FILE-OFFICE |
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47200 - Revision : 1 - Type : FILE-OFFICE |
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47199 - Revision : 1 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Office Excel malformed binary format use after free attempt RuleID : 36430 - Revision : 2 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Office Excel malformed binary format use after free attempt RuleID : 36429 - Revision : 3 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Visio lmetaclasscount buffer overflow attempt RuleID : 36428 - Revision : 2 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Visio lmetaclasscount buffer overflow attempt RuleID : 36427 - Revision : 2 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 36426 - Revision : 3 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 36425 - Revision : 3 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-10-14 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms15-110_office.nasl - Type : ACT_GATHER_INFO |
| 2015-10-13 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms15-110.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
| Source | Url |
|---|---|
| MS | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15... |
| SECTRACK | http://www.securitytracker.com/id/1033804 |
Alert History
| Date | Informations |
|---|---|
| 2021-05-04 12:38:57 |
|
| 2021-04-22 01:47:43 |
|
| 2020-05-23 00:44:46 |
|
| 2018-10-13 05:18:56 |
|
| 2016-12-12 21:22:36 |
|
| 2016-12-08 09:23:41 |
|
| 2015-10-20 16:20:21 |
|
| 2015-10-15 05:22:46 |
|
| 2015-10-14 13:23:59 |
|
| 2015-10-14 09:22:43 |
|
