CVE-2016-3361Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Excel

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
7.8HIGHNVD
EPSS
19.8%
top 4.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Excel
Timeline
PublishedSep 14
Latest updateMay 14

Description

Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDmicrosoft/excel2010

🔴Vulnerability Details

2
GHSA
GHSA-3x57-vf53-p26m: Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerabili2022-05-14
CVEList
CVE-2016-3361: Microsoft Excel 2010 SP2 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerabili2016-09-14

📋Vendor Advisories

1
Microsoft
Microsoft Office Memory Corruption Vulnerability2016-09-13
CVE-2016-3361 — Microsoft Excel vulnerability | cvebase