Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2016 Greenbone AGOPENVAS:1361412562310809726
HistoryNov 09, 2016 - 12:00 a.m.

Microsoft Office Web Apps Multiple Vulnerabilities (3199168)

2016-11-0900:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
14

6.8 Medium

AI Score

Confidence

High

0.7 High

EPSS

Percentile

98.0%

JSON

This host is missing an important security
update according to Microsoft Bulletin MS16-133

# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

CPE = "cpe:/a:microsoft:office_web_apps";

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.809726");
  script_version("2023-07-20T05:05:17+0000");
  script_cve_id("CVE-2016-7230", "CVE-2016-7233", "CVE-2016-7234");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2023-07-20 05:05:17 +0000 (Thu, 20 Jul 2023)");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2018-10-12 22:14:00 +0000 (Fri, 12 Oct 2018)");
  script_tag(name:"creation_date", value:"2016-11-09 16:20:19 +0530 (Wed, 09 Nov 2016)");
  script_tag(name:"qod_type", value:"executable_version");
  script_name("Microsoft Office Web Apps Multiple Vulnerabilities (3199168)");

  script_tag(name:"summary", value:"This host is missing an important security
  update according to Microsoft Bulletin MS16-133");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The flaw exists as,

  - Office software fails to properly handle objects in memory.

  - Office or Word reads out of bound memory due to an uninitialized variable.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to execute arbitrary code in the context of the currently logged-in
  user and gain access to potentially sensitive information.");

  script_tag(name:"affected", value:"- Microsoft Office Web Apps 2010 Service Pack 2 and prior

  - Microsoft Office Web Apps Server 2013 Service Pack 1 and prior");

  script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/3127954");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/94006");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/94031");
  script_xref(name:"URL", value:"http://www.securityfocus.com/bid/94020");
  script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/3127929");
  script_xref(name:"URL", value:"https://technet.microsoft.com/library/security/MS16-133");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("gb_ms_office_web_apps_detect.nasl");
  script_require_ports(139, 445);
  script_mandatory_keys("MS/Office/Web/Apps/Ver");
  exit(0);
}

include("smb_nt.inc");
include("host_details.inc");
include("version_func.inc");
include("secpod_smb_func.inc");

if( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );
webappVer = infos['version'];
path = infos['location'];
if(!path || "Could not find the install location" >< path){
  exit(0);
}

## Microsoft Office Web Apps 2010 and 2013
if(webappVer =~ "^(14|15)\..*")
{
  dllVer = fetch_file_version(sysPath:path,
           file_name:"\14.0\WebServices\ConversionService\Bin\Converter\sword.dll");
  if(dllVer)
  {
    if(version_in_range(version:dllVer, test_version:"14.0", test_version2:"14.0.7176.4999"))
    {
     report = 'File checked:     ' +  path + "14.0\WebServices\ConversionService\Bin\Converter\sword.dll" + '\n' +
              'File version:     ' + dllVer  + '\n' +
              'Vulnerable range: ' + "14.0 - 14.0.7176.4999" + '\n' ;
      security_message(data:report);
      exit(0);
    }
  }

  dllVer1 = fetch_file_version(sysPath:path,
           file_name:"\15.0\WebServices\ConversionService\Bin\Converter\sword.dll");
  if(dllVer1)
  {
    if(version_in_range(version:dllVer1, test_version:"15.0", test_version2:"15.0.4875.0999"))
    {
      report = 'File checked:     ' +  path + "15.0\WebServices\ConversionService\Bin\Converter\sword.dll" + '\n' +
               'File version:     ' + dllVer1  + '\n' +
               'Vulnerable range: ' + "15.0 - 15.0.4875.0999" + '\n' ;
      security_message(data:report);
      exit(0);
    }
  }
}

exit(99);

Related

mskb 15
openvas 7
prion 3
symantec 2
checkpoint_advisories 3
cve 3
mscve 3
cvelist 3
nessus 2
kaspersky 1
mskb
mskb
MS16-133: Description of the security update for SharePoint Server 2010 Office Web Apps: November 8, 2016
2016-11-08 08:00:00
MS16-133: Description of the security update for Word Automation Services on SharePoint Server 2013: November 8, 2016
2016-11-08 08:00:00
MS16-133: Description of the security update for Word 2010: November 8, 2016
2016-11-08 08:00:00
openvas
openvas
Microsoft SharePoint Server WAS Multiple Vulnerabilities (3199168)
2016-11-09 00:00:00
Microsoft Office Word Multiple Vulnerabilities (3199168)
2016-11-09 00:00:00
Microsoft Office PowerPoint Viewer Remote Code Execution Vulnerability (3199168)
2016-11-09 00:00:00
prion
prion
Information disclosure
2016-11-10 06:59:00
Memory corruption
2016-11-10 06:59:00
Memory corruption
2016-11-10 06:59:00
symantec
symantec
Microsoft Office CVE-2016-7233 Information Disclosure Vulnerability
2016-11-08 00:00:00
Microsoft Office CVE-2016-7234 Memory Corruption Vulnerability
2016-11-08 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption (MS16-133: CVE-2016-7234)
2016-11-08 00:00:00
Microsoft Office Information Disclosure (MS16-133: CVE-2016-7233)
2016-11-08 00:00:00
Microsoft Office Memory Corruption (MS16-133: CVE-2016-7230)
2016-11-08 00:00:00
cve
cve
CVE-2016-7234
2016-11-10 06:59:00
CVE-2016-7230
2016-11-10 06:59:00
CVE-2016-7233
2016-11-10 06:59:00
mscve
mscve
Microsoft Office Memory Corruption Vulnerability
2016-11-08 08:00:00
Microsoft Office Memory Corruption Vulnerability
2016-11-08 08:00:00
Microsoft Office Information Disclosure Vulnerability
2016-11-08 08:00:00
cvelist
cvelist
CVE-2016-7230
2016-11-10 06:16:00
CVE-2016-7234
2016-11-10 06:16:00
CVE-2016-7233
2016-11-10 06:16:00
nessus
nessus
MS16-133: Security Update for Microsoft Office (3199168)
2016-11-08 00:00:00
MS16-133: Security Update for Microsoft Office (3199168) (macOS)
2016-11-16 00:00:00
kaspersky
kaspersky
KLA10902 Multiple vulnerabilities in Microsoft Office
2016-11-08 00:00:00

6.8 Medium

AI Score

Confidence

High

0.7 High

EPSS

Percentile

98.0%

JSON
Related for OPENVAS:1361412562310809726
mskb15openvas7prion3symantec2checkpoint_advisories3cve3mscve3cvelist3nessus2kaspersky1