Unrated severityNVD Advisory· Published Apr 14, 2015· Updated Jun 17, 2026

CVE-2015-1650

Description

Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Microsoft/Office2 versions
cpe:2.3:a:microsoft:office:2010:sp2:x64:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:office:2010:sp2:x64:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2010:sp2:x86:*:*:*:*:*
Microsoft/Office Compatibility Pack
cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
Microsoft/Office Web Apps2 versions
cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*
Microsoft/Sharepoint Server2 versions
cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*
Microsoft/Word3 versions
cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2013:sp1:*:*:rt:*:*:*
Microsoft/Word Viewer
cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*
Microsoft/Microsoft Officellm-fuzzy

cvss	0.000
epss	0.023
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000

CVE-2015-1650

Description

AI Insight

Affected products

Patches

Vulnerability mechanics

References

News mentions