CVE-2015-1649

CVE Database · CVE-2015-1649

CVE-2015-1649

· N/AModified

CVSS v3.1

N/A

EPSS

25.74%

Published

Apr 14, 2015

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps Server 2010 SP2 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability."

Affected Products (11)

microsoft · officevulnerable

microsoft · office_compatibility_packvulnerable

microsoft · office_web_appsvulnerable

microsoft · sharepoint_servervulnerable

microsoft · wordvulnerable

References (4)

http://www.securitytracker.com/id/1032104

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-033

http://www.securitytracker.com/id/1032104

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-033

KEV Catalog EPSS Scores Vendors All CVEs