Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability."

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C
Vendors Products
Microsoft
  • Office
  • Word Viewer
  • Word For Mac

Configuration 1 [-]

OR cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2010:sp2:x64:*:*:*:*:*
cpe:2.3:a:microsoft:office:2010:sp2:x86:*:*:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:word_for_mac:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*
References
Link Resource
http://www.securityfocus.com/bid/92289
http://www.securitytracker.com/id/1036559
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-099
https://www.exploit-db.com/exploits/40224/
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: microsoft

Published: 2016-08-09T21:00:00

Updated: 2018-10-12T19:57:01

Reserved: 2016-03-15T00:00:00

Link: CVE-2016-3313

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2016-08-09T21:59:20.503

Modified: 2018-10-30T16:27:52.233

Link: CVE-2016-3313

JSON object: View

cve-icon Redhat Information

No data.

CWE