How severe is CVE-2015-1770?

CVE-2015-1770 has a CVSS v3 score of 8.8 (HIGH).

CVE-2015-1770

Name: office
Author: microsoft

8.8HIGH

Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."

发布于: 6/10/2015更新于: 10/22/2025

在NVD查看在MITRE查看

CISA已知被利用漏洞

Microsoft Office allows remote attackers to execute arbitrary code via a crafted Office document.

所需操作:

Apply updates per vendor instructions.

截止日期:

2022-04-18

描述

Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."

AI分析AI驱动

受影响产品

microsoftoffice

2013

microsoftoffice

2013

参考资料

http://www.securityfocus.com/bid/75016
Broken LinkThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1032523
Broken LinkThird Party AdvisoryVDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-059
PatchVendor Advisory
http://www.securityfocus.com/bid/75016
Broken LinkThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1032523
Broken LinkThird Party AdvisoryVDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-059
PatchVendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1770