CVE-2015-2375

Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to bypass the ASLR protection mechanism via a crafted spreadsheet, aka "Microsoft Excel ASLR Bypass Vulnerability."

Published: Jul 14, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-2375
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
microsoft / excel	2013-sp1	2013-sp1.x
microsoft / excel	2010-sp2	2010-sp2.x
microsoft / sharepoint_server	2010-sp2	2010-sp2.x
microsoft / sharepoint_server	2013-sp1	2013-sp1.x
microsoft / excel_viewer	2007-sp3	2007-sp3.x

http://www.securitytracker.com/id/1032899
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070

Vulnerability Database

289,689

CVE-2015-2375