Vulnerability in Microsoft Office

CVE-2015-0064

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or caus…

EPSS: 0.712 (98.7th percentile) — read the EPSS interpretation.

Affected products

Microsoft Office — versions 2010
Microsoft Office_compatibility_pack
Microsoft Sharepoint_server — versions 2010
Microsoft Web_applications — versions 2010
Microsoft Word — versions 2007, 2010
Microsoft Word_automation_services
Microsoft Word_viewer
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

72463 (vdb-entry, x_refsource_BID)
62808 (x_refsource_SECUNIA, third-party-advisory)
MS15-012 (x_refsource_MS, vendor-advisory)
37967 (exploit, x_refsource_EXPLOIT-DB)
1031720 (vdb-entry, x_refsource_SECTRACK)