Information Disclosure Vulnerability in Microsoft Excel and Office Products
CVE-2016-7265

7.1HIGH

Key Information:

Vendor

Microsoft
Status
Excel
Sharepoint Server
Excel Viewer
Office Compatibility Pack
Vendor
CVE Published:
20 December 2016

What is CVE-2016-7265?

This vulnerability allows remote attackers to exploit Microsoft Excel and associated Office products by crafting malicious documents that facilitate unauthorized access to sensitive information stored in process memory. Additionally, it can lead to denial of service through an out-of-bounds read, posing a serious risk to users across multiple versions of Excel and Office compatibility pack products. Users should remain vigilant and apply necessary updates to safeguard against this ongoing threat.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.securityfocus.com/bid/94721
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037441
vdb-entryx_refsource_SECTRACK

EPSS Score

10% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.