CVE-2016-0136

Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Published: Apr 13, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-0136
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
microsoft / sharepoint_foundation	2010-sp2	2010-sp2.x
microsoft / sharepoint_designer	2007-sp3	2007-sp3.x
microsoft / office_compatibility_pack	-	-
microsoft / excel	2010-sp2	2010-sp2.x
microsoft / excel	2007-sp3	2007-sp3.x

http://www.securitytracker.com/id/1035524
http://www.securitytracker.com/id/1035525
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-042
https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1224

Vulnerability Database

289,599

CVE-2016-0136