VYPR
Unrated severity · NVD Advisory · Published Jul 14, 2015 · Updated May 6, 2026

CVE-2015-2378

Description

Untrusted search path vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel Viewer 2007 SP3, and Office Compatibility Pack SP3 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Microsoft Excel DLL Remote Code Execution Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Untrusted search path vulnerability in Microsoft Excel allows local privilege escalation via a malicious DLL in the current working directory.

Vulnerability

CVE-2015-2378 is an untrusted search path vulnerability in Microsoft Excel. It affects Excel 2007 SP3, Excel 2010 SP2, Excel Viewer 2007 SP3, and Office Compatibility Pack SP3. The vulnerability occurs when Excel loads a DLL from the current working directory without proper validation, allowing an attacker to place a malicious DLL in that directory [1].

Exploitation

An attacker must have local access to the system and be able to write a malicious DLL to the current working directory. The victim then opens an Excel file from that directory, causing Excel to load the attacker's DLL instead of the legitimate one. No authentication beyond the local user session is required [1].

Impact

Successful exploitation allows the attacker to execute arbitrary code in the context of the current user. If the user has administrative privileges, the attacker can gain full control of the system, leading to complete compromise of confidentiality, integrity, and availability [1].

Mitigation

Microsoft released security update MS15-070 on July 14, 2015, which addresses this vulnerability by correcting how Excel handles DLL loading. Users should apply the update via Windows Update or direct download. No workarounds are documented in the available references [1].
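A triage check for the planting pattern described above, a DLL sitting in the same directory as an Excel document a user may open. This is an added example, not part of the advisory or of Microsoft's guidance; the extension list, the function names and the sample directory tree are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumption: file types Excel opens; the advisory itself names no extensions.
EXCEL_EXTS = {".xls", ".xlsx", ".xlsm", ".xlsb", ".csv"}
LIBRARY_EXTS = {".dll"}


def find_colocated_dlls(root):
    """Return {directory: (docs, dlls)} for each directory under root that
    holds at least one Excel document and at least one DLL side by side."""
    findings = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        docs, dlls = [], []
        for name in filenames:
            # Windows file names are case-insensitive, so compare lowercased.
            ext = os.path.splitext(name)[1].lower()
            if ext in EXCEL_EXTS:
                docs.append(name)
            elif ext in LIBRARY_EXTS:
                dlls.append(name)
        if docs and dlls:
            findings[dirpath] = (sorted(docs), sorted(dlls))
    return findings


def build_sample_tree(base):
    """Create a constructed sample layout; return the one directory that
    should be flagged (document and DLL together)."""
    layout = {
        "share/finance": ["Q2-report.xlsx", "helper.DLL"],  # doc + DLL: flag
        "share/archive": ["old.xls"],                       # doc only
        "tools/bin": ["vendor.dll", "tool.exe"],            # DLL only
    }
    for rel, names in layout.items():
        directory = os.path.join(base, *rel.split("/"))
        os.makedirs(directory)
        for name in names:
            open(os.path.join(directory, name), "wb").close()
    return os.path.join(base, "share", "finance")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for directory, (docs, dlls) in find_colocated_dlls(tmp).items():
            print(f"REVIEW {directory}: docs={docs} dlls={dlls}")
```

A hit is a prompt to review the DLL's origin and signature, not proof of compromise; document shares and download folders are the locations worth scanning first.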

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

8

References

2
