CVE-2016-3357

HIGH

Microsoft Office 2007 SP3-2016, Word for Mac, SharePoint, Office Web Apps - Remote Code Execution via Crafted Document

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-3357. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a heap corruption vulnerability in Microsoft PowerPoint 2010 (CVE-2016-3357) by providing a crashing PPT file. The analysis includes register states, call stack, and disassembly, confirming a memory corruption issue that could lead to arbitrary code execution.

Description

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services on SharePoint Server 2013 SP1, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdoswindows

https://www.exploit-db.com/exploits/40406

View Code ZIP pw:eip

This exploit demonstrates a heap corruption vulnerability in Microsoft PowerPoint 2010 (CVE-2016-3357) by providing a crashing PPT file. The analysis includes register states, call stack, and disassembly, confirming a memory corruption issue that could lead to arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft PowerPoint 2010 (mso.dll: 14.0.7166.5000, ppcore.dll: 14.0.7168.5000)

No auth needed

Prerequisites: Victim must open the malicious PPT file

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/92786

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1036785

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/40406/

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107

Scores

CVSS v3 7.8

EPSS 0.5481

EPSS Percentile 98.9%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (11)

microsoft/office 2007 sp3

microsoft/office 2010 sp2

microsoft/office 2013 sp1

microsoft/office 2016

microsoft/office_web_apps 2010 sp2

microsoft/office_web_apps_server 2013 sp1

microsoft/sharepoint_foundation 2010 sp2

microsoft/sharepoint_foundation 2013 sp1

microsoft/word_for_mac 2011

microsoft/word_for_mac 2016

... and 1 more

Published Sep 14, 2016

Tracked Since Feb 18, 2026