Lucene search

[email protected]NVD:CVE-2016-0054

HistoryFeb 10, 2016 - 11:59 a.m.

CVE-2016-0054

2016-02-1011:59:18

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.199

Percentile

96.4%

JSON

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.”

Affected configurations

Nvd

Node

microsoftexcelMatch2007sp3

microsoftexcelMatch2010sp2x64

microsoftexcelMatch2010sp2x86

microsoftexcelMatch2013sp1

microsoftexcelMatch2013sp1rt

microsoftexcelMatch2016

microsoftexcel_for_macMatch2011

microsoftexcel_for_macMatch2016

microsoftexcel_viewer

microsoftoffice_compatibility_packsp3

microsoftoffice_web_appsMatch2010sp2

microsoftsharepoint_designerMatch2007sp3

microsoftsharepoint_foundationMatch2010sp2

microsoftsharepoint_serverMatch2013sp1

VendorProductVersionCPE
microsoftexcel2007cpe:2.3:a:microsoft:excel:2007:sp3:*:*:*:*:*:*
microsoftexcel2010cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:x64:*
microsoftexcel2010cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:x86:*
microsoftexcel2013cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*
microsoftexcel2013cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*
microsoftexcel2016cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*
microsoftexcel_for_mac2011cpe:2.3:a:microsoft:excel_for_mac:2011:*:*:*:*:*:*:*
microsoftexcel_for_mac2016cpe:2.3:a:microsoft:excel_for_mac:2016:*:*:*:*:*:*:*
microsoftexcel_viewer*cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*
microsoftoffice_compatibility_pack*cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	excel	2007	cpe:2.3:a:microsoft:excel:2007:sp3::::::
microsoft	excel	2010	cpe:2.3:a:microsoft:excel:2010:sp2:::::x64:*
microsoft	excel	2010	cpe:2.3:a:microsoft:excel:2010:sp2:::::x86:*
microsoft	excel	2013	cpe:2.3:a:microsoft:excel:2013:sp1::::::
microsoft	excel	2013	cpe:2.3:a:microsoft:excel:2013:sp1:::rt:::*
microsoft	excel	2016	cpe:2.3:a:microsoft:excel:2016:::::::*
microsoft	excel_for_mac	2011	cpe:2.3:a:microsoft:excel_for_mac:2011:::::::*
microsoft	excel_for_mac	2016	cpe:2.3:a:microsoft:excel_for_mac:2016:::::::*
microsoft	excel_viewer	*	cpe:2.3:a:microsoft:excel_viewer::::::::
microsoft	office_compatibility_pack	*	cpe:2.3:a:microsoft:office_compatibility_pack::sp3::::::*