Memory Corruption Vulnerability in Microsoft Office Products
CVE-2016-7232
7.8HIGH
Key Information:
- Vendor
- Microsoft
- Vendor
- CVE Published:
- 10 November 2016
Summary
A vulnerability exists in Microsoft Office products that allows remote attackers to execute arbitrary code by exploiting a memory corruption issue. When a maliciously crafted Office document is opened, it can lead to out-of-bounds writes, enabling attackers to gain control over the affected system. This vulnerability affects various versions of Microsoft Word and Office, posing significant risks to users if they are not properly patched.
References
EPSS Score
40% chance of being exploited in the next 30 days.
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved