CVE-2016-3235

HIGH KEV

Microsoft Visio <2016 - Privilege Escalation

Description

Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · local · windows
https://www.exploit-db.com/exploits/41706

Scores

CVSS v3 7.8
EPSS 0.8116
EPSS Percentile 99.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2021-11-03
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2016-4273
Status published
Products (6)
microsoft/visio 2007 sp3
microsoft/visio 2010 sp2
microsoft/visio 2013 sp1
microsoft/visio 2016
microsoft/visio_viewer 2007 sp3
microsoft/visio_viewer 2010
Published Jun 16, 2016
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026