What is CVE-2015-2503?

CVE-2015-2503 is a vulnerability in Microsoft Access, classified under CWE-264. Published 2015-11-11.

Is CVE-2015-2503 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Access

CVE-2015-2503

Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, Info…

EPSS: 0.155 (94.8th percentile) — read the EPSS interpretation.

Affected products

Microsoft Access — versions 2007, 2010, 2013
Microsoft Excel — versions 2007, 2010, 2013
Microsoft Infopath — versions 2007, 2010, 2013
Microsoft Lync — versions 2013
Microsoft Office_2007_ime — versions sp3
Microsoft Onenote — versions 2007, 2010, 2013
Microsoft Pinyin_ime — versions 2010
Microsoft Powerpoint — versions 2007, 2010, 2013
Microsoft Project — versions 2007, 2016
Microsoft Project_server — versions 2010, 2013

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

1034117 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
1034122 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
MS15-116 (x_refsource_MS, vendor-advisory)
1034119 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2015-2503?: CVE-2015-2503 is a vulnerability in Microsoft Access, classified under CWE-264. Published 2015-11-11.
Is CVE-2015-2503 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.