Lucene search
Steven Seeley of Source InciteZDI-15-639HistoryDec 14, 2015 - 12:00 a.m.
(0Day) Microsoft Office Excel Binary Worksheet Use-After-Free Remote Code Execution Vulnerability
2015-12-1400:00:00
Steven Seeley of Source Incite
www.zerodayinitiative.com
22
EPSS
0.614
Percentile
97.9%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of binary Excel files (.xlsb). By providing a malformed file, an attacker can cause a pointer to be re-used after it has been freed. An attacker could leverage this to execute arbitrary code under the context of the current user.
Related
cve
cve
CVE-2016-0035
2016-01-13 05:59:23
symantec
symantec
Microsoft Office CVE-2016-0035 Memory Corruption Vulnerability
2016-01-12 00:00:00
openvas
openvas
cvelist
cvelist
CVE-2016-0035
2016-01-13 02:00:00
nvd
nvd
CVE-2016-0035
2016-01-13 05:59:23
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption (MS16-004: CVE-2016-0035)
2016-01-12 00:00:00
prion
prion
Memory corruption
2016-01-13 05:59:00
nessus
nessus
kaspersky
kaspersky
KLA10738 Multiple vulnerabilities in Microsoft Office
2016-01-12 00:00:00
mskb
mskb