Vulnerability Description
Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to bypass the ASLR protection mechanism via a crafted spreadsheet, aka "Microsoft Excel ASLR Bypass Vulnerability."
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Excel | 2010 |
| Microsoft | Sharepoint Server | 2010 |
| Microsoft | Excel Viewer | 2007 |
Related Weaknesses (CWE)
References
- http://www.securitytracker.com/id/1032899
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-07
- http://www.securitytracker.com/id/1032899
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-07
FAQ
What is CVE-2015-2375?
CVE-2015-2375 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attacker...
How severe is CVE-2015-2375?
CVE-2015-2375 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-2375?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Excel, Microsoft Sharepoint Server, Microsoft Excel Viewer.