Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10884
HistoryOct 11, 2016 - 12:00 a.m.

KLA10884 Code execution vulnerability in Microsoft Office

2016-10-1100:00:00
Kaspersky Lab
threats.kaspersky.com
48

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.746 High

EPSS

Percentile

98.1%

JSON

Detect date:

10/11/2016

Severity:

High

Description:

An improper RTF handling was found in Microsoft Office. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed file.

Affected products:

Microsoft Word 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Word 2013 Service Pack 1
Microsoft Office 2013 RT Service Pack 1
Microsoft Word 2016
Microsoft Word for Mac 2011
Microsoft Word 2016 for Mac
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Word Viewer
SharePoint Server 2010 Service Pack 2
SharePoint Server 2013 Service Pack 1
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps 2013 Service Pack 1
Office Online Server

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2016-3263
CVE-2016-3209
CVE-2016-3262
CVE-2016-7182
CVE-2016-3396
CVE-2016-7193

Impacts:

ACE

Related products:

Microsoft Office

CVE-IDS:

CVE-2016-32635.0Warning
CVE-2016-32095.0Warning
CVE-2016-32625.0Warning
CVE-2016-33969.3Critical
CVE-2016-71939.3Critical

Microsoft official advisories:

KB list:

3118394
3189647
3118348
3118317
3188399
3188397
3118327
3188400
3118301
3127898
3193438
3118331
3127897
3118360
3118307
3118311
3193442
3118312
3118377
3118384
3118352
3118308
3118345

Exploitation:

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

References

Related

mskb 49
openvas 14
nessus 4
cve 6
cvelist 6
prion 6
checkpoint_advisories 5
cisa_kev 1
mscve 6
symantec 6
attackerkb 1
kaspersky 3
thn 1
threatpost 1
myhack58 1
mskb
mskb
Security update 2016-10-11
2016-10-11 07:00:00
Security update 2016-10-11
2016-10-11 07:00:00
Security update 2016-10-11
2016-10-11 07:00:00
openvas
openvas
Microsoft Lync Multiple Vulnerabilities (3192884)
2016-10-12 00:00:00
Microsoft Office Word Viewer Remote Code Execution Vulnerabilities (3192884)
2016-10-12 00:00:00
Microsoft Office Multiple Remote Code Execution Vulnerabilities (3192884)
2016-10-12 00:00:00
nessus
nessus
MS16-120: Security Update for Microsoft Graphics Component (3192884)
2016-10-12 00:00:00
MS16-121: Security Update for Microsoft Office (3194063)
2016-10-12 00:00:00
MS16-121: Security Update for Microsoft Office (3194063) (Mac OS X)
2016-10-12 00:00:00
cve
cve
CVE-2016-3262
2016-10-14 02:59:00
CVE-2016-3263
2016-10-14 02:59:00
CVE-2016-3396
2016-10-14 02:59:00
cvelist
cvelist
CVE-2016-3262
2016-10-14 01:00:00
CVE-2016-3263
2016-10-14 01:00:00
CVE-2016-3396
2016-10-14 01:00:00
prion
prion
Information disclosure
2016-10-14 02:59:00
Information disclosure
2016-10-14 02:59:00
Memory corruption
2016-10-14 02:59:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows GDI+ Information Disclosure (MS16-120: CVE-2016-3263)
2016-10-11 00:00:00
Microsoft Windows GDI+ Information Disclosure (MS16-120: CVE-2016-3262)
2016-10-11 00:00:00
Microsoft Office Memory Corruption (MS16-121: CVE-2016-7193)
2016-10-11 00:00:00
cisa_kev
cisa_kev
Microsoft Office Memory Corruption Vulnerability
2022-03-03 00:00:00
mscve
mscve
GDI+ Information Disclosure Vulnerability
2016-10-11 07:00:00
GDI+ Remote Code Execution Vulnerability
2016-10-11 07:00:00
GDI+ Information Disclosure Vulnerability
2016-10-11 07:00:00
symantec
symantec
Microsoft Office CVE-2016-7193 Memory Corruption Vulnerability
2016-10-11 00:00:00
Microsoft Windows Graphics Component CVE-2016-3263 Information Disclosure Vulnerability
2016-10-11 00:00:00
Microsoft Windows Graphics Component CVE-2016-3262 Information Disclosure Vulnerability
2016-10-11 00:00:00
attackerkb
attackerkb
CVE-2016-7193
2016-10-14 00:00:00
kaspersky
kaspersky
KLA10883 OSI vulnerability in Microsoft Products
2016-10-11 00:00:00
KLA11906 Multiple vulnerabilities for Microsoft Products (ESU)
2016-10-11 00:00:00
KLA10882 Multiple vulnerabilities in Microsoft Windows
2016-10-11 00:00:00
thn
thn
Microsoft Patches 5 Zero-Day Vulnerabilities Being Exploited in the Wild
2016-10-11 20:41:00
threatpost
threatpost
Microsoft Patches Five Zero Days Under Attack
2016-10-11 15:18:35
myhack58
myhack58
The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net
2019-06-13 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.746 High

EPSS

Percentile

98.1%

JSON
Related for KLA10884
mskb49openvas14nessus4cve6cvelist6prion6checkpoint_advisories5cisa_kev1mscve6symantec6attackerkb1kaspersky3thn1threatpost1myhack581