KLA10469
Multiple vulnerabilities in Microsoft products
Обновлено: 17/06/2019
Дата обнаружения
10/03/2015
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or conduct code injection.

Below is a complete list of vulnerabilities

  1. An XSS vulnerabilities can be exploited remotely via a specially designed request;
  2. An use-after-free vulnerability can be exploited remotely via a specially designed document;
  3. An unknown vulnerability can be exploited remotely via a specially designed document.
Пораженные продукты

Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 x86, x64 Service Pack 2
Microsoft Office 2013 x86, x64
Microsoft Office 2013 x86, x64 Service Pack 1
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft SharePoint Server 2013 Service Pack 1
Microsoft SharePoint Server 2013
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps 2013
Microsoft Office Web Apps 2013 Service Pack 1

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
MS advisory
CVE-2015-1636
CVE-2015-0085
CVE-2015-0086
CVE-2015-1633
CVE-2015-0097
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]

CI 
[?]
Связанные продукты
Microsoft Office
Microsoft Sharepoint Server
CVE-IDS
CVE-2015-16363.5Warning
CVE-2015-00859.3Critical
CVE-2015-00869.3Critical
CVE-2015-16333.5Warning
CVE-2015-00979.3Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

2956183
2956181
2956180
2880473
2956189
2956188
2881078
2956069
2920812
2889839
2956109
2956103
2956175
2956107
2956106
2956208
2956163
3038999
2956143
2956142
2956076
2881068
2760361
2899580
2760554
2956136
2956151
2956153
2984939
2956158
2956138
2956139
2760508
2920731
2737989
2883100