7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions or execute arbitrary code.
Below is a complete list of vulnerabilities
Technical details
In some cases vulnerability (1) can be triggered via Preview Pane.
Vulnerability (2) related to SharePoint
CVE-2016-0035 critical
CVE-2015-6117 warning
CVE-2016-0010 critical
CVE-2016-0011 warning
CVE-2016-0012 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
support.microsoft.com/kb/2881067
support.microsoft.com/kb/2920727
support.microsoft.com/kb/3039794
support.microsoft.com/kb/3114396
support.microsoft.com/kb/3114402
support.microsoft.com/kb/3114421
support.microsoft.com/kb/3114482
support.microsoft.com/kb/3114489
support.microsoft.com/kb/3114494
support.microsoft.com/kb/3114503
support.microsoft.com/kb/3114504
support.microsoft.com/kb/3114511
support.microsoft.com/kb/3114518
support.microsoft.com/kb/3114520
support.microsoft.com/kb/3114526
support.microsoft.com/kb/3114540
support.microsoft.com/kb/3114541
support.microsoft.com/kb/3114546
support.microsoft.com/kb/3114547
support.microsoft.com/kb/3114549
support.microsoft.com/kb/3114554
support.microsoft.com/kb/3114557
support.microsoft.com/kb/3114564
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-6117
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-0010
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-0011
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-0012
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2016-0035
statistics.securelist.com/
threats.kaspersky.com/en/product/Microsoft-Office/
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C