CVE-2016-3362

CWE-119Buffer Overflow4 documents4 sources
Severity
7.8HIGH
EPSS
19.8%
top 4.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft ExcelMicrosoft Sharepoint Designer
Timeline
PublishedSep 14
Latest updateMay 14

Description

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3365.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDmicrosoft/excel4 versions+3
NVDmicrosoft/sharepoint_designer2007, 2010, 2013+2

🔴Vulnerability Details

2
GHSA
GHSA-cfgg-h7vh-cg6c: Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services o2022-05-14
CVEList
CVE-2016-3362: Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services o2016-09-14

📋Vendor Advisories

1
Microsoft
Microsoft Office Memory Corruption Vulnerability2016-09-13
CVE-2016-3362 (HIGH CVSS 7.8) | Microsoft Excel 2007 SP3 | cvebase.io