What is CVE-2015-0085?

CVE-2015-0085 is a vulnerability in Microsoft Excel. Published 2015-03-11.

Is CVE-2015-0085 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Excel

CVE-2015-0085

Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 20…

EPSS: 0.463 (97.7th percentile) — read the EPSS interpretation.

Affected products

Microsoft Excel — versions 2007, 2010
Microsoft Excel_viewer
Microsoft Office — versions 2010, 2013
Microsoft Office_compatibility_pack
Microsoft Office_web_apps_server — versions 2010, 2013
Microsoft Powerpoint — versions 2007, 2010
Microsoft Sharepoint_foundation — versions 2010, 2013
Microsoft Sharepoint_server — versions 2007, 2010, 2013
Microsoft Sharepoint_services — versions 3.0
Microsoft Web_applications — versions 2010

Public proof-of-concept exploits

References

1031896 (vdb-entry, x_refsource_SECTRACK)
MS15-022 (x_refsource_MS, vendor-advisory)

Frequently asked questions

What is CVE-2015-0085?: CVE-2015-0085 is a vulnerability in Microsoft Excel. Published 2015-03-11.
Is CVE-2015-0085 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.