Lucene search

[email protected]CVE-2016-0054

HistoryFeb 10, 2016 - 11:59 a.m.

CVE-2016-0054

2016-02-1011:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2016-0054

microsoft excel

remote code execution

memory corruption

vulnerability

nvd

security advisory

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.282 Low

EPSS

Percentile

96.8%

JSON

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.”

CPENameOperatorVersion
microsoft:sharepoint_foundationmicrosoft sharepoint foundationeq2010
microsoft:excelmicrosoft exceleq2013
microsoft:excelmicrosoft exceleq2016
microsoft:excel_viewermicrosoft excel viewereq*
microsoft:excel_for_macmicrosoft excel for maceq2011
microsoft:office_web_appsmicrosoft office web appseq2010
microsoft:excel_for_macmicrosoft excel for maceq2016
microsoft:sharepoint_servermicrosoft sharepoint servereq2013
microsoft:sharepoint_designermicrosoft sharepoint designereq2007
microsoft:office_compatibility_packmicrosoft office compatibility packeq*

CPE	Name	Operator	Version
microsoft:sharepoint_foundation	microsoft sharepoint foundation	eq	2010
microsoft:excel	microsoft excel	eq	2013
microsoft:excel	microsoft excel	eq	2016
microsoft:excel_viewer	microsoft excel viewer	eq	*
microsoft:excel_for_mac	microsoft excel for mac	eq	2011
microsoft:office_web_apps	microsoft office web apps	eq	2010
microsoft:excel_for_mac	microsoft excel for mac	eq	2016
microsoft:sharepoint_server	microsoft sharepoint server	eq	2013
microsoft:sharepoint_designer	microsoft sharepoint designer	eq	2007
microsoft:office_compatibility_pack	microsoft office compatibility pack	eq	*

Rows per page:

1-10 of 121

References

www.securitytracker.com/id/1034976

docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-015

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.282 Low

EPSS

Percentile

96.8%

JSON

Related for CVE-2016-0054

openvas6 checkpoint_advisories1 symantec1 prion1 nessus2 kaspersky1 mskb1