Memory Corruption Vulnerability in Microsoft Excel Products
CVE-2016-7229

7.8HIGH

Key Information:

Vendor
Microsoft
Status
Excel
Excel Viewer
Excel For Mac
Office Compatibility Pack
Vendor
CVE Published:
10 November 2016

Summary

A memory corruption vulnerability in various versions of Microsoft Excel allows remote attackers to execute arbitrary code on the affected systems. By exploiting specially crafted Office documents, attackers can gain control of user systems, making it essential for users to apply the necessary security updates to mitigate the risk. This vulnerability affects several versions of Excel, including those for both Windows and Mac platforms.

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.securitytracker.com/id/1037246
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/93995
vdb-entryx_refsource_BID

EPSS Score

28% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.