Cyber Resilience

CVE-2015-2424

Severity: High · CISA KEV · Active Exploitation · EUVD Exploited

Published: 14 July 2015
Modified: 22 April 2026
KEV added: 03 March 2022
Patch: MS15-070
CVSS v3.1 score: 8.8 (High), vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS score: 0.6448 (98.5th percentile)
Risk priority: 76 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2015-2424 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Microsoft Office. Its CVSS base score is 8.8 (High).

Operationally, it ranks in the top 1.5% of CVEs by EPSS exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and SI-3 (Malicious Code Protection).

Deeper analysis

CVE-2015-2424 is a memory corruption vulnerability, tracked under CWE-787, that affects Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1. The flaw permits remote attackers to trigger out-of-bounds writes through a specially crafted Office document, resulting in arbitrary code execution or denial of service.

An attacker delivers the malicious document over the network (for example as an email attachment or a download) and gains code execution or crashes the application once the victim opens it in an affected version. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) reflects this: network attack vector, low complexity, no privileges required, user interaction required to open the file, and high impact to confidentiality, integrity and availability.

Microsoft addressed the issue in security bulletin MS15-070, which provides patches for the listed Office versions. SecurityTracker entries reference the same update and associated exploit details.

The vulnerability appears in the CISA Known Exploited Vulnerabilities Catalog, confirming observed real-world exploitation activity.


Vulnerability details

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

CWE(s): CWE-787 (Out-of-bounds Write)
KEV date added: 03 March 2022

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Microsoft Excel Viewer: 2007
Microsoft Office: 2007, 2010, 2011, 2013
Microsoft Office Compatibility Pack: all versions
Microsoft PowerPoint: 2007, 2010
Microsoft Word: 2013
Microsoft Word Viewer: all versions

Mitigating Controls (NIST 800-53 r5) [AI]

SI-2 Flaw Remediation (control type: prevent)

Apply the MS15-070 updates, which remediate the out-of-bounds write in the listed Office versions. This is the only control that removes the flaw itself; everything below compensates on hosts that have not yet been patched.

SI-3 Malicious Code Protection (control type: prevent, detect)

Malicious-code detection at the mail gateway, web proxy and endpoint can inspect incoming Office documents and block those crafted to trigger the memory corruption. Because the document is delivered over the network and only fires when opened, inspection before it reaches the user is the natural compensating control.
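As an added example (not code from this page, from Microsoft, or from any product named here), the following Python script shows the kind of inspection the SI-3 control describes: it identifies the real container format of an inbound file from its leading bytes rather than its name, flags a file whose extension does not match its bytes, and for zip-based OOXML packages flags macro projects, embedded OLE objects and external relationships. It does not detect CVE-2015-2424 specifically, since the page does not publish the crafted structure; the part-name heuristics, the allow/review/block policy and the sample files are assumptions constructed for the example.

```python
"""Gateway-style triage of inbound Office documents.

Added example, not code from the original page or from Microsoft. It sniffs
the real container format from leading bytes, compares it with the claimed
extension, and for OOXML (zip-based) packages flags parts that commonly
carry active or externally linked content. It carries no signature for
CVE-2015-2424 itself; the checks are generic malicious-document hygiene.
"""
import io
import re
import zipfile

# Magic bytes of the three container formats Word and PowerPoint will open.
CFB_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # OLE2 Compound File (.doc/.ppt)
ZIP_MAGIC = b"PK\x03\x04"                        # OOXML package (.docx/.pptx)
RTF_MAGIC = b"{\\rt"                             # Rich Text Format

LEGACY_EXT = {"doc", "dot", "ppt", "pps", "pot"}
OOXML_EXT = {"docx", "docm", "dotx", "dotm", "pptx", "pptm", "ppsx", "ppsm"}

# Relationship that points outside the package (remote template, linked OLE).
EXTERNAL_REL = re.compile(rb'TargetMode="External"', re.IGNORECASE)

# Finding classes that the (assumed) policy blocks outright.
BLOCK_PREFIXES = ("vba-macro", "embedded-object", "extension-mismatch", "malformed-zip")


def sniff_container(data):
    """Classify by leading bytes, never by file name."""
    if data.startswith(CFB_MAGIC):
        return "cfb"
    if data.startswith(ZIP_MAGIC):
        return "ooxml"
    if data.startswith(RTF_MAGIC):
        return "rtf"
    return "unknown"


def ooxml_findings(data):
    """Flag macros, embedded OLE objects and external relationships in a package."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["malformed-zip"]
    findings = []
    for name in zf.namelist():
        lower = name.lower()
        if lower.endswith("vbaproject.bin"):
            findings.append("vba-macro:" + name)
        elif "/embeddings/" in lower:
            findings.append("embedded-object:" + name)
        elif lower.endswith(".rels") and EXTERNAL_REL.search(zf.read(name)):
            findings.append("external-relationship:" + name)
    return findings


def triage(filename, data):
    """Return container type, findings and a verdict of allow / review / block."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    container = sniff_container(data)
    findings = []
    # A legacy or OOXML extension whose bytes say otherwise (e.g. RTF named .doc)
    # is the classic way crafted documents dodge extension-based filtering.
    if (ext in LEGACY_EXT and container != "cfb") or (ext in OOXML_EXT and container != "ooxml"):
        findings.append("extension-mismatch:%s->%s" % (ext, container))
    if container == "ooxml":
        findings.extend(ooxml_findings(data))
    if any(f.startswith(BLOCK_PREFIXES) for f in findings):
        verdict = "block"
    elif findings:
        verdict = "review"
    else:
        verdict = "allow"
    return {"container": container, "findings": findings, "verdict": verdict}


def build_docx(parts):
    """Construct a minimal OOXML package in memory from {part_name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", b"<Types/>")
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()


# Constructed samples (not real malware, not derived from any public exploit).
SAMPLES = {
    "clean.docx": build_docx({"word/document.xml": b"<w:document/>"}),
    "invoice.docx": build_docx({
        "word/document.xml": b"<w:document/>",
        "word/embeddings/oleObject1.bin": CFB_MAGIC + b"\x00" * 504,
        "word/_rels/document.xml.rels": b'<Relationships><Relationship Id="rId1" '
            b'Target="http://example.invalid/t.dotm" TargetMode="External"/></Relationships>',
    }),
    "report.doc": CFB_MAGIC + b"\x00" * 504,
    "resume.doc": b"{\\rtf1\\ansi Hello}",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, triage(name, blob))
```

The script only walks zip-based packages; a legacy CFB file (the .doc and .ppt formats named in this CVE) is classified but not opened, because listing its streams requires following the FAT sector chain, which a production gateway would do with a dedicated OLE parser. The verdict policy is deliberately strict (any macro or embedded object blocks) and should be tuned to the environment; the point of the example is that the decision is made on bytes and package contents, not on the filename the sender chose.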

SI-7 Software, Firmware, and Information Integrity (control type: prevent, detect)

Integrity verification of Office binaries confirms that the patched components are present and unmodified, and integrity checks on incoming documents (for example, rejecting files whose contents do not match their declared format) can detect malformed files associated with exploitation of CVE-2015-2424.
