CVE-2016-7298

HIGH

Microsoft Office - Memory Corruption

Title source: rule
STIX 2.1

Description

Microsoft Office 2007 SP3, Office 2010 SP2, Word Viewer, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94720
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037441

Scores

CVSS v3 7.8
EPSS 0.2261
EPSS Percentile 97.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (5)
microsoft/office 2007 sp3
microsoft/office 2010 sp2
microsoft/office 2011
microsoft/office 2016
microsoft/word_viewer
Published Dec 20, 2016
Tracked Since Feb 18, 2026