Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10738
HistoryJan 12, 2016 - 12:00 a.m.

KLA10738 Multiple vulnerabilities in Microsoft Office

2016-01-1200:00:00
Kaspersky Lab
threats.kaspersky.com
29

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code.

Below is a complete list of vulnerabilities

  1. Improper memory objects handling can be exploited remotely via a specially designed file to execute arbitrary code;
  2. Lack of Access Control Policy enforcement can be exploited remotely via a specially designed web content to bypass security restrictions;
  3. An unknown vulnerability can be exploited remotely via a specially designed web content to bypass Address Space Layout Randomization security feature.

Technical details

In some cases vulnerability (1) can be triggered via Preview Pane.

Vulnerability (2) related to SharePoint

Original advisories

CVE-2016-0035

CVE-2015-6117

CVE-2016-0010

CVE-2016-0011

CVE-2016-0012

Related products

Microsoft-Office

CVE list

CVE-2016-0035 critical

CVE-2015-6117 warning

CVE-2016-0010 critical

CVE-2016-0011 warning

CVE-2016-0012 warning

KB list

3114511

3114518

3114557

3114554

3114494

3114396

2920727

3114504

3114549

3114421

2881067

3114503

3114540

3114541

3114520

3114402

3114546

3114564

3114547

3039794

3114482

3114489

3114526

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

  • Microsoft Sharepoint FoundationΒ 2013 Service Pack 1Microsoft Office 2007 Service Pack 3Microsoft Office 2010 Service Pack 2Microsoft Office 2013 Service Pack 1Microsoft Office 2013 RT Service Pack 1Microsoft Office 2016Microsoft Excel, Powerpoint and Word for Mac 2011Microsoft Excel, Powerpoint and Word for MacΒ 2016Microsoft Office Compatibility Pack Service Pack 3Microsoft Excel and Word ViewersMicrosoft Sharepoint Server 2013 Service Pack 1

References

Related

mskb 1
nessus 2
openvas 11
cvelist 5
prion 5
cve 5
nvd 5
symantec 5
checkpoint_advisories 3
zdi 1
mskb
mskb
MS16-004: Security Update for Microsoft Office to Address Remote Code Execution: January 12, 2016
2016-01-12 00:00:00
nessus
nessus
MS16-004: Security Update for Microsoft Office to Address Remote Code Execution (3124585)
2016-01-12 00:00:00
MS16-004: Security Update for Microsoft Office to Address Remote Code Execution (3124585) (Mac OS X)
2016-01-12 00:00:00
openvas
openvas
Microsoft Office Multiple Vulnerabilities (3124585) - Mac OS X
2016-01-13 00:00:00
MS SharePoint Server and Foundation Multiple Vulnerabilities (3124585)
2016-01-13 00:00:00
Microsoft Office Excel Multiple Remote Code Execution Vulnerabilities (3124585)
2016-01-13 00:00:00
cvelist
cvelist
CVE-2016-0011
2016-01-13 02:00:00
CVE-2015-6117
2016-01-13 02:00:00
CVE-2016-0035
2016-01-13 02:00:00
prion
prion
Security feature bypass
2016-01-13 05:59:00
Security feature bypass
2016-01-13 05:59:00
Security feature bypass
2016-01-13 05:59:00
cve
cve
CVE-2015-6117
2016-01-13 05:59:00
CVE-2016-0011
2016-01-13 05:59:09
CVE-2016-0035
2016-01-13 05:59:23
nvd
nvd
NVD:CVE-2015-6117
2016-01-13 05:59:00
NVD:CVE-2016-0011
2016-01-13 05:59:09
NVD:CVE-2016-0012
2016-01-13 05:59:10
symantec
symantec
Microsoft SharePoint CVE-2015-6117 Security Bypass Vulnerability
2016-01-12 00:00:00
Microsoft Office CVE-2016-0012 ASLR Security Bypass Vulnerability
2016-01-12 00:00:00
Microsoft SharePoint CVE-2016-0011 Security Bypass Vulnerability
2016-01-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption (MS16-004: CVE-2016-0035)
2016-01-12 00:00:00
Microsoft Office Memory Corruption (MS16-004: CVE-2016-0010)
2016-01-12 00:00:00
MSCOMCTL.OCX Killbit: C74190B6-8589-11d1-B16A-00C0F0283628 (MS12-027; CVE-2012-0158; CVE-2016-0012)
2012-04-10 00:00:00
zdi
zdi
(0Day) Microsoft Office Excel Binary Worksheet Use-After-Free Remote Code Execution Vulnerability
2015-12-14 00:00:00

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON
Related for KLA10738
mskb1nessus2openvas11cvelist5prion5cve5nvd5symantec5checkpoint_advisories3zdi1