Vulnerability Description
Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."
CVSS Score
9.3
HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Visio | 2007 |
Related Weaknesses (CWE)
References
- http://www.securitytracker.com/id/1033803Third Party AdvisoryVDB Entry
- http://www.zerodayinitiative.com/advisories/ZDI-15-519Third Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-11
- http://www.securitytracker.com/id/1033803Third Party AdvisoryVDB Entry
- http://www.zerodayinitiative.com/advisories/ZDI-15-519Third Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-11
FAQ
What is CVE-2015-2557?
CVE-2015-2557 is a vulnerability with a CVSS score of 9.3 (HIGH). Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption Vulnerabi...
How severe is CVE-2015-2557?
CVE-2015-2557 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-2557?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Visio.