Home

CVE-2016-0057

Description

Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not properly sign an unspecified binary file, which allows local users to gain privileges via a Trojan horse file with a crafted signature, aka Microsoft Office Security Feature Bypass Vulnerability.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.702

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Microsoft Office 2007 suites (KB2956110)Windows
Security Update for Microsoft Office InfoPath 2007 (KB3114426)Windows
Security Update for Microsoft Office Word 2007 (KB3114901)Windows
Security Update for Microsoft Office 2010 (KB2956063) 32-Bit EditionWindows
Security Update for Microsoft Office 2010 (KB3114873) 32-Bit EditionWindows
Security Update for Microsoft Office 2010 (KB3114873) 64-Bit EditionWindows
Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit EditionWindows
Security Update for Microsoft InfoPath 2010 (KB3114414) 64-Bit EditionWindows
Security Update for Microsoft Word 2010 (KB3114878) 32-Bit EditionWindows
Security Update for Microsoft Word 2010 (KB3114878) 64-Bit EditionWindows
Security Update for Microsoft Office 2013 (KB3039746) 32-Bit EditionWindows
Security Update for Microsoft InfoPath 2013 (KB3114833) 32-Bit EditionWindows
Security Update for Microsoft InfoPath 2013 (KB3114833) 64-Bit EditionWindows
Security Update for Microsoft Word 2013 (KB3114824) 32-Bit EditionWindows
Security Update for Microsoft Word 2013 (KB3114824) 64-Bit EditionWindows
Security Update for Microsoft Office 2016 (KB3114690) 32-Bit EditionWindows
Security Update for Microsoft Word 2016 (KB3114855) 32-Bit EditionWindows
Security Update for Microsoft Word 2016 (KB3114855) 64-Bit EditionWindows
Security Update for Word Viewer (KB3114812)Windows
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114900)Windows
Security Update for Microsoft Office Outlook 2007 (KB2880510)Windows
Security Update for Microsoft Outlook 2013 (KB3114829) 32-Bit EditionWindows
Security Update for Microsoft Outlook 2013 (KB3114829) 64-Bit EditionWindows
Security Update for Microsoft Outlook 2016 (KB3114861) 32-Bit EditionWindows
Security Update for Microsoft Outlook 2016 (KB3114861) 64-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-20199Security Update for Microsoft Office 2007 suites (KB2956110)
PATCH-20200Security Update for Microsoft Office InfoPath 2007 (KB3114426)
PATCH-20201Security Update for Microsoft Office Word 2007 (KB3114901)
PATCH-20202Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition
PATCH-20203Security Update for Microsoft Office 2010 (KB3114873) 32-Bit Edition
PATCH-20204Security Update for Microsoft Office 2010 (KB3114873) 64-Bit Edition
PATCH-20205Security Update for Microsoft InfoPath 2010 (KB3114414) 32-Bit Edition
PATCH-20206Security Update for Microsoft InfoPath 2010 (KB3114414) 64-Bit Edition
PATCH-20207Security Update for Microsoft Word 2010 (KB3114878) 32-Bit Edition
PATCH-20209Security Update for Microsoft Office 2013 (KB3039746) 32-Bit Edition
PATCH-20210Security Update for Microsoft InfoPath 2013 (KB3114833) 32-Bit Edition
PATCH-20211Security Update for Microsoft InfoPath 2013 (KB3114833) 64-Bit Edition
PATCH-20212Security Update for Microsoft Word 2013 (KB3114824) 32-Bit Edition
PATCH-20213Security Update for Microsoft Word 2013 (KB3114824) 64-Bit Edition
PATCH-20214Security Update for Microsoft Office 2016 (KB3114690) 32-Bit Edition
PATCH-20215Security Update for Microsoft Word 2016 (KB3114855) 32-Bit Edition
PATCH-20216Security Update for Microsoft Word 2016 (KB3114855) 64-Bit Edition
PATCH-20217Security Update for Word Viewer (KB3114812)
PATCH-20219Security Update for Microsoft Office Outlook 2007 (KB2880510)
PATCH-20330Security Update for Microsoft Outlook 2013 (KB3114829) 32-Bit Edition
PATCH-20331Security Update for Microsoft Outlook 2013 (KB3114829) 64-Bit Edition
PATCH-20332Security Update for Microsoft Outlook 2016 (KB3114861) 32-Bit Edition
PATCH-20333Security Update for Microsoft Outlook 2016 (KB3114861) 64-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234