VDB
CVE-2015-2510
CVE-2015-2510
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "Graphics Component Buffer Overflow Vulnerability."
EPSS 70.60% · 98.7th percentile
Risk Scores
CVSS v2.0
9.300000190734863
EPSS Score
70.60%
98.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | windows_vista | |
| microsoft | office | 2007, 2010 |
| microsoft | lync | 2010, 2013, 2010 |
| microsoft | live_meeting_console | 2007 |
| n/a | n/a | n/a |
| microsoft | windows_server_2008 |
Timeline
- Sep 9, 2015 CVE Published
- Sep 16, 2015 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 17, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 26, 2023 EPSS Score
- May 24, 2023 EPSS Score
- Jul 15, 2023 EPSS Score
References
- https://technet.microsoft.com/en-us/library/security/ms15-097.aspx advisory
- 1033485 vdb
- MS15-097 vendor-advisory
- 1033501 vdb
- 38217 exploit
- 76593 vdb
- 1033500 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2015-2510 advisory
- https://www.exploit-db.com/exploits/38217 url