Is CVE-2015-1651 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Office_compatibility_pack

CVE-2015-1651

Use-after-free vulnerability in Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnera…

EPSS: 0.531 (98.0th percentile) — read the EPSS interpretation.

Affected products

Microsoft Office_compatibility_pack
Microsoft Word — versions 2007
Microsoft Word_viewer
N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores
ARPSyndicate/cvemon

References

1032104 (vdb-entry, x_refsource_SECTRACK)
MS15-033 (x_refsource_MS, vendor-advisory)

Frequently asked questions

What is CVE-2015-1651?: CVE-2015-1651 is a vulnerability in Microsoft Office_compatibility_pack. Published 2015-04-14.
Is CVE-2015-1651 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.