Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Informations | |||
|---|---|---|---|
| Name | CVE-2015-6039 | First vendor Publication | 2015-10-13 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:S/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 3.5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content in an Office Marketplace instance, aka "Microsoft SharePoint Security Feature Bypass Vulnerability." |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6039 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 1 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47204 - Revision : 1 - Type : FILE-OFFICE |
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47203 - Revision : 1 - Type : FILE-OFFICE |
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47202 - Revision : 2 - Type : FILE-OFFICE |
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47201 - Revision : 2 - Type : FILE-OFFICE |
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47200 - Revision : 1 - Type : FILE-OFFICE |
| 2018-08-16 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 47199 - Revision : 1 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Office Excel malformed binary format use after free attempt RuleID : 36430 - Revision : 2 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Office Excel malformed binary format use after free attempt RuleID : 36429 - Revision : 3 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Visio lmetaclasscount buffer overflow attempt RuleID : 36428 - Revision : 2 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Visio lmetaclasscount buffer overflow attempt RuleID : 36427 - Revision : 2 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 36426 - Revision : 3 - Type : FILE-OFFICE |
| 2016-03-14 | Microsoft Office Excel fileVersion use-after-free attempt RuleID : 36425 - Revision : 3 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2015-10-14 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms15-110_office.nasl - Type : ACT_GATHER_INFO |
| 2015-10-13 | Name : The remote Windows host is affected by multiple vulnerabilities. File : smb_nt_ms15-110.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
| Source | Url |
|---|
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 12:49:12 |
|
| 2021-05-04 12:41:23 |
|
| 2021-04-22 01:50:17 |
|
| 2020-05-23 00:46:22 |
|
| 2018-10-13 05:18:56 |
|
| 2016-12-08 21:24:22 |
|
| 2016-12-08 09:23:50 |
|
| 2015-10-20 16:21:13 |
|
| 2015-10-15 05:23:22 |
|
| 2015-10-14 13:24:00 |
|
| 2015-10-14 09:23:17 |
|
