CVE-2016-3357

Description

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services on SharePoint Server 2013 SP1, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka Microsoft Office Memory Corruption Vulnerability.

Risk Information

Base Score

7.8

MODERATE

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

32.411

Associated Vulnerability

Vulnerability	OS Platform
Microsoft Outlook Spoofing Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB3115169)	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB3054862)	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2013 (KB3118268) 64-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2013 (KB3118268) 32-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2007 suites (KB3118300)	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2016 (KB3118292) 64-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2016 (KB3118292) 32-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2010 (KB3118309) 64-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2010 (KB3118309) 32-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2010 (KB2553432) 64-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2010 (KB2553432) 32-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Office 2003 (KB3118297)	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft SharePoint Server 2010 (KB3115119)	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3115462)	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2010 (KB3118316) 64-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2010 (KB3118316) 32-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2016 (KB3118290) 64-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2016 (KB3118290) 32-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office Excel Viewer 2007 (KB3115463)	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2013 (KB3118284) 64-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2013 (KB3118284) 32-Bit Edition	Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office Excel 2007 (KB3115459)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-21428	Security Update for Microsoft SharePoint Enterprise Server 2013 (KB3115169)
PATCH-21409	Security Update for Microsoft Office 2013 (KB3118268) 64-Bit Edition
PATCH-21408	Security Update for Microsoft Office 2013 (KB3118268) 32-Bit Edition
PATCH-21417	Security Update for Microsoft Office 2016 (KB3118292) 64-Bit Edition
PATCH-21416	Security Update for Microsoft Office 2016 (KB3118292) 32-Bit Edition
PATCH-21401	Security Update for Microsoft Office 2010 (KB2553432) 64-Bit Edition
PATCH-21400	Security Update for Microsoft Office 2010 (KB2553432) 32-Bit Edition
PATCH-21424	Security Update for Office 2003 (KB3118297)
PATCH-21423	Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115462)
PATCH-21403	Security Update for Microsoft Excel 2010 (KB3118316) 64-Bit Edition
PATCH-21402	Security Update for Microsoft Excel 2010 (KB3118316) 32-Bit Edition
PATCH-21419	Security Update for Microsoft Excel 2016 (KB3118290) 64-Bit Edition
PATCH-21418	Security Update for Microsoft Excel 2016 (KB3118290) 32-Bit Edition
PATCH-21426	Security Update for Microsoft Office Excel Viewer 2007 (KB3115463)
PATCH-21411	Security Update for Microsoft Excel 2013 (KB3118284) 64-Bit Edition
PATCH-21410	Security Update for Microsoft Excel 2013 (KB3118284) 32-Bit Edition
PATCH-21395	Security Update for Microsoft Office Excel 2007 (KB3115459)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234