Published: 13/07/2016 Updated: 12/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote malicious users to execute arbitrary code via a crafted XLA file, aka "Microsoft Office Remote Code Execution Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft office web apps 2010
microsoft sharepoint server 2010
microsoft excel 2013
microsoft word 2010
microsoft word rt 2013
microsoft powerpoint rt 2013
microsoft excel rt 2013
microsoft word 2013
microsoft powerpoint 2013
microsoft office 2010
microsoft word 2016
microsoft excel 2016
microsoft powerpoint 2010
microsoft excel 2010

CWE-254 http://www.securityfocus.com/bid/91587 http://www.securitytracker.com/id/1036275 http://www.securitytracker.com/id/1036274 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-3279

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect