Memory Corruption Vulnerability in Microsoft Excel and Office Products
CVE-2016-3362

7.8HIGH

Key Information:

Vendor
Microsoft
Status
Excel
Excel Viewer
Sharepoint Designer
Office Compatibility Pack
Vendor
CVE Published:
14 September 2016

Summary

A memory corruption vulnerability exists in Microsoft Excel and various Office products that could allow remote attackers to execute arbitrary code through specially crafted documents. Upon opening a malicious document, the affected applications can be exploited, posing significant security risks to users. This vulnerability affects multiple versions of Microsoft Excel, Outlook services, and Office solutions, highlighting the necessity for users to apply recommended security updates to mitigate potential threats.

References

http://www.securityfocus.com/bid/92799
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1036785
vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

19% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.