Microsoft Office Memory Corruption Vulnerability (CVE-2015-6091) (MS15-116)
Microsoft Office Memory Corruption Vulnerability (CVE-2015-6091) (MS15-116)
Release date:
Updated on:
Affected Systems:
Microsoft Office 2010 SP2
Microsoft Word 2016
Microsoft Word 2013
Microsoft Word 2010
Microsoft Word 2007 SP3
Description:
CVE (CAN) ID: CVE-2015-6091
Microsoft Office is a Windows-based Office software package developed by Microsoft.
Some versions of Microsoft Office do not properly process memory objects, and the memory corruption vulnerability exists. Remote attackers can execute arbitrary code by constructing Office documents.
<* Source: Steven Vittitoe
Link: http://technet.microsoft.com/security/bulletin/MS15-116
*>
Suggestion:
Vendor patch:
Microsoft
---------
Microsoft has released a Security Bulletin (MS15-116) and patches for this:
MS15-116: Security Update for Microsoft Office to Address Remote Code Execution-Important (3104540)
Link: http://technet.microsoft.com/security/bulletin/MS15-116
This article permanently updates the link address: