Microsoft Office Component Use After Free Vulnerability (CVE-2015-1649)
2016年4月6日
危険度: 緊急
CVE識別番号: 2015-1649,MS15-033
情報公開日: 4 06, 2016
概要
A remote code execution vulnerability exists in Microsoft Office software that is caused when the Office software improperly handles objects in memory while parsing specially crafted Office files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
Trend Micro researcher Jack Tang disclosed details about this vulnerability to Microsoft. The said company acknowledged Tang’s research contribution.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Name: 1006625 - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1649)
影響を受けるソフトウェア
- Microsoft Office