CVE-2015-1641

ENISA EUVD: EUVD-2015-1771 ↗
Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero
Triaged: March 5, 2026 1 article Published: 2015-04-14
VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23
93.67%
probability
This CVE has a 93.67% probability of being exploited in the next 30 days.
0% Top 99.9th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)
7.8
HIGH
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2 (legacy)

9.3
HIGH
Access Vector
Network
Access Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
AV:N/AC:M/Au:N/C:C/I:C/A:C

Description

VulnerabilityLookup (CNA)
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability."

Affected Products

n/a
n/a

Attack Intelligence

Google Project Zero

Patched
April 14, 2015
Reported by
The Labs Team of iSIGHT Partners
Root Cause Analysis
???

Exploits & PoC

Cyberclues/rtf_exploit_extractor

Script to extract malicious payload and decoy document from CVE-2015-1641 exploit documents

23 2017-01-10
1 repo — triés par ⭐ Rechercher sur GitHub ↗

Signal Intelligence

Confidence
95%
EPSS 93.67%
CVSS v3.1 7.8
Mentions 1
Last Seen Apr 14, 2015

CNA Information

CNA Assigner
microsoft

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Threat Actors 2

FusionCore
apt_group 🇪🇺 EU
DNSpionage
apt_group Information theft and espionage 🇮🇷 IR

Triage Info

Decided atMar 05, 2026
Published DateApr 14, 2015