KLA10469
Multiple vulnerabilities in Microsoft products

Updated: 09/26/2023
Detect date
?
03/10/2015
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or conduct code injection.

Below is a complete list of vulnerabilities

  1. An XSS vulnerabilities can be exploited remotely via a specially designed request;
  2. An use-after-free vulnerability can be exploited remotely via a specially designed document;
  3. An unknown vulnerability can be exploited remotely via a specially designed document.
Affected products

Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 x86, x64 Service Pack 2
Microsoft Office 2013 x86, x64
Microsoft Office 2013 x86, x64 Service Pack 1
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft SharePoint Server 2013 Service Pack 1
Microsoft SharePoint Server 2013
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps 2013
Microsoft Office Web Apps 2013 Service Pack 1

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS advisory
CVE-2015-1636
CVE-2015-0085
CVE-2015-0086
CVE-2015-1633
CVE-2015-0097

Impacts
?
ACE 
[?]

DoS 
[?]

CI 
[?]
Related products
Microsoft Office
Microsoft Sharepoint Server
CVE-IDS
?
CVE-2015-16363.5Warning
CVE-2015-00859.3Critical
CVE-2015-00869.3Critical
CVE-2015-16333.5Warning
CVE-2015-00979.3Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

2956183
2956181
2956180
2880473
2956189
2956188
2881078
2956069
2920812
2889839
2956109
2956103
2956175
2956107
2956106
2956208
2956163
3038999
2956143
2956142
2956076
2881068
2760361
2899580
2760554
2956136
2956151
2956153
2984939
2956158
2956138
2956139
2760508
2920731
2737989
2883100

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Find out the statistics of the vulnerabilities spreading in your region