Unrated severityNVD Advisory· Published Dec 9, 2015· Updated Jun 17, 2026
CVE-2015-6172
CVE-2015-6172
Description
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2016, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted email message processed by Outlook, aka "Microsoft Office RCE Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2News mentions
1- Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening EnterprisesSecurityWeek · May 13, 2026