CVE-2015-1641
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2015-1641 is a critical vulnerability affecting multiple Microsoft Office products, including Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1. This issue allows remote attackers to execute arbitrary code by exploiting a memory corruption vulnerability in the way these applications handle specially crafted RTF documents. Successful exploitation could result in the attacker gaining control of the affected system. Users are advised to install the available patches to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Office Word
- Microsoft SharePoint Server
- Microsoft Office Web Apps
- Microsoft Office
- Microsoft Office Compatibility Pack
Affected Vendors
- Microsoft