CVE-2016-0010

CWE-119 — Buffer Overflow CWE-8268 documents8 sources

Severity

7.8HIGH

EPSS

53.9%

top 1.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Excel FOR MAC Microsoft Office Microsoft Powerpoint FOR MAC +1 more

Timeline

PublishedJan 13

Latest updateOct 7

Description

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶NVDmicrosoft/office4 versions+3

▶NVDmicrosoft/word2011, 2016+1

▶NVDmicrosoft/excel2011, 2016+1

▶NVDmicrosoft/powerpoint2011, 2016+1

🔴Vulnerability Details

GHSA

GHSA-3m2q-3xcm-4xxf: Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Ma↗2022-05-14

▶

CVEList

CVE-2016-0010: Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Ma↗2016-01-13

▶

💥Exploits & PoCs

Exploit-DB

BMC BladeLogic 8.3.00.64 - Remote Command Execution↗2018-01-26

▶

📋Vendor Advisories

Red Hat

kernel: mm/huge_memory: do not clobber swp_entry_t during THP split↗2025-10-07

▶

Microsoft

CVE-2016-0010: Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No↗2016-01-12

▶

🕵️Threat Intelligence

Fortinet

Deep Analysis of CVE-2016-0010 - Microsoft Office RTF File Handling Heap Overflow Vulnerability↗2016-01-20

▶