Buffer overflow in Microsoft Excel

CVE-2015-2521

Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Vulnerability class: Buffer Overflow

EPSS: 0.692 (98.7th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

1033488 (vdb-entry, x_refsource_SECTRACK)
MS15-099 (x_refsource_MS, vendor-advisory)
38216 (exploit, x_refsource_EXPLOIT-DB)