Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2015-2378

Untrusted search path vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel Viewer 2007 SP3, and Office Compatibility Pack SP3 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Microsoft Excel DLL Remote Code Execution Vulnerability."

  • Published: Jul 14, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-2378
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.9
  • AV:L/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
microsoft / office_compatibility_pack - -
microsoft / excel_viewer 2007-sp3 2007-sp3.x
microsoft / excel 2007-sp3 2007-sp3.x
microsoft / excel 2010-sp2 2010-sp2.x