What is CVE-2015-6106?

CVE-2015-6106 is a vulnerability in Microsoft Live_meeting, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2015-12-09.

Is CVE-2015-6106 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Microsoft Live_meeting

CVE-2015-6106

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2010, Lync 2013 SP1, and Live Meeting 2007 Console allows remote attackers to ex…

Vulnerability class: Buffer Overflow

EPSS: 0.448 (97.6th percentile) — read the EPSS interpretation.

Affected products

Microsoft Live_meeting — versions 2007
Microsoft Lync — versions 2010, 2013
Microsoft Office — versions 2007, 2010
Microsoft Skype_for_business — versions 2016
Microsoft Windows_server_2008
Microsoft Windows_vista
Microsoft Word_viewer
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

1034333 (vdb-entry, x_refsource_SECTRACK)
1034331 (vdb-entry, x_refsource_SECTRACK)
MS15-128 (x_refsource_MS, vendor-advisory)
1034332 (vdb-entry, x_refsource_SECTRACK)
1034336 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2015-6106?: CVE-2015-6106 is a vulnerability in Microsoft Live_meeting, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2015-12-09.
Is CVE-2015-6106 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.