Memory Corruption Vulnerability in Microsoft Excel Products
CVE-2016-7231

7.8HIGH

Key Information:

Vendor
Microsoft
Status
Excel Viewer
Excel For Mac
Office Compatibility Pack
Excel
Vendor
CVE Published:
10 November 2016

Summary

A memory corruption issue in several Microsoft Excel products could be exploited by attaching a specially crafted Office document. Once opened, the document may allow remote attackers to execute arbitrary code on the vulnerable system, potentially leading to unauthorized access and manipulation of sensitive data. This vulnerability underscores the importance of maintaining up-to-date software and thorough scrutiny of documents from untrusted sources.

References

http://www.securityfocus.com/bid/93996
vdb-entryx_refsource_BID
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.securitytracker.com/id/1037246
vdb-entryx_refsource_SECTRACK

EPSS Score

30% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.