Home

CVE-2016-3279

Description

Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted XLA file, aka Microsoft Office Remote Code Execution Vulnerability.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
34.384

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Word 2013 (KB3115292) 64-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Word 2013 (KB3115292) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Word 2016 (KB3115301) 64-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Word 2016 (KB3115301) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Word Viewer (KB3115395)Windows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3115308)Windows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Excel 2010 (KB3115322) 64-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Excel 2010 (KB3115322) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Excel 2016 (KB3115272) 64-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Excel 2016 (KB3115272) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Office Excel Viewer 2007 (KB3115114)Windows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Excel 2013 (KB3115262) 64-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Excel 2013 (KB3115262) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Office Excel 2007 (KB3115306)Windows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Outlook 2016 (KB3115279) 64-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Outlook 2016 (KB3115279) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Outlook 2013 (KB3115259)Windows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Outlook 2013 (KB3115259) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft PowerPoint 2010 (KB3115118) 64-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft PowerPoint 2010 (KB3115118) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft PowerPoint 2013 (KB3115254) 64-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft PowerPoint 2013 (KB3115254) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Office 2010 (KB3115315) 64-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Office 2010 (KB3115315) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Word 2010 (KB3115317) 64-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Word 2010 (KB3115317) 32-Bit EditionWindows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3115309)Windows
Microsoft Office Security Feature Bypass Vulnerability for Word Viewer (KB3115393)Windows
Microsoft Office Security Feature Bypass Vulnerability for Microsoft Office Word 2007 (KB3115311)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-21084Security Update for Microsoft Word 2013 (KB3115292) 64-Bit Edition
PATCH-21083Security Update for Microsoft Word 2013 (KB3115292) 32-Bit Edition
PATCH-21094Security Update for Word Viewer (KB3115395)
PATCH-21080Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115308)
PATCH-21069Security Update for Microsoft Excel 2010 (KB3115322) 64-Bit Edition
PATCH-21068Security Update for Microsoft Excel 2010 (KB3115322) 32-Bit Edition
PATCH-21086Security Update for Microsoft Excel 2016 (KB3115272) 64-Bit Edition
PATCH-21085Security Update for Microsoft Excel 2016 (KB3115272) 32-Bit Edition
PATCH-21092Security Update for Microsoft Office Excel Viewer 2007 (KB3115114)
PATCH-21078Security Update for Microsoft Excel 2013 (KB3115262) 64-Bit Edition
PATCH-21076Security Update for Microsoft Excel 2013 (KB3115262) 32-Bit Edition
PATCH-21064Security Update for Microsoft Office Excel 2007 (KB3115306)
PATCH-21088Security Update for Microsoft Outlook 2016 (KB3115279) 64-Bit Edition
PATCH-21087Security Update for Microsoft Outlook 2016 (KB3115279) 32-Bit Edition
PATCH-21077Security Update for Microsoft Outlook 2013 (KB3115259)
PATCH-21079Security Update for Microsoft Outlook 2013 (KB3115259) 32-Bit Edition
PATCH-21072Security Update for Microsoft PowerPoint 2010 (KB3115118) 32-Bit Edition
PATCH-21082Security Update for Microsoft PowerPoint 2013 (KB3115254) 64-Bit Edition
PATCH-21081Security Update for Microsoft PowerPoint 2013 (KB3115254) 32-Bit Edition
PATCH-21067Security Update for Microsoft Office 2010 (KB3115315) 64-Bit Edition
PATCH-21066Security Update for Microsoft Office 2010 (KB3115315) 32-Bit Edition
PATCH-21074Security Update for Microsoft Word 2010 (KB3115317) 32-Bit Edition
PATCH-21093Security Update for Word Viewer (KB3115393)
PATCH-21065Security Update for Microsoft Office Word 2007 (KB3115311)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234