CVE-2016-3233
Description
Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka Microsoft Office Memory Corruption Vulnerability.
Risk Information
Base Score
7.3
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
29.812
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Office Information Disclosure Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3115194) | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Office 2016 (KB3115144) 64-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Office 2016 (KB3115144) 32-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Office 2010 (KB3115198) 64-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Office 2010 (KB3115198) 32-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2016 (KB3115182) 64-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2016 (KB3115182) 32-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Office Word 2007 (KB3115195) | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2013 (KB3115173) 64-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2013 (KB3115173) 32-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2010 (KB3115243) 64-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Word 2010 (KB3115243) 32-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3115111) | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Excel 2010 (KB3115130) 64-Bit Edition | Windows |
| Microsoft Office Information Disclosure Vulnerability for Microsoft Excel 2010 (KB3115130) 32-Bit Edition | Windows |
| Microsoft Office Memory Corruption Vulnerability for Microsoft Office Excel 2007 (KB3115107) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-20806 | Security Update for Microsoft Office 2016 (KB3115144) 64-Bit Edition |
| PATCH-20805 | Security Update for Microsoft Office 2016 (KB3115144) 32-Bit Edition |
| PATCH-20794 | Security Update for Microsoft Office 2010 (KB3115198) 64-Bit Edition |
| PATCH-20793 | Security Update for Microsoft Office 2010 (KB3115198) 32-Bit Edition |
| PATCH-20792 | Security Update for Microsoft Office Word 2007 (KB3115195) |
| PATCH-20804 | Security Update for Microsoft Word 2013 (KB3115173) 64-Bit Edition |
| PATCH-20803 | Security Update for Microsoft Word 2013 (KB3115173) 32-Bit Edition |
| PATCH-20799 | Security Update for Microsoft Word 2010 (KB3115243) 32-Bit Edition |
| PATCH-20811 | Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115111) |
| PATCH-20796 | Security Update for Microsoft Excel 2010 (KB3115130) 64-Bit Edition |
| PATCH-20795 | Security Update for Microsoft Excel 2010 (KB3115130) 32-Bit Edition |
| PATCH-20790 | Security Update for Microsoft Office Excel 2007 (KB3115107) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234