Memory Corruption Vulnerability in Microsoft Excel Products
CVE-2016-3358

7.8HIGH

Key Information:

Vendor
Microsoft
Status
Excel
Excel Viewer
Excel For Mac
Sharepoint Designer
Vendor
CVE Published:
14 September 2016

Summary

This vulnerability allows remote attackers to exploit a memory corruption issue in multiple versions of Microsoft Excel and its related products. By using a specially crafted document, attackers can manipulate memory operations, potentially leading to the execution of arbitrary code on the user's machine. This may result in gaining control over the affected system, compromising sensitive information and violating user privacy. Ensuring timely updates and patches is essential to safeguard against such vulnerabilities.

References

https://www.verisign.com/en_US/security-services/security...
third-party-advisoryx_refsource_IDEFENSE
http://www.securitytracker.com/id/1036785
vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

28% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.