Home

CVE-2016-7276

Description

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka Microsoft Office Information Disclosure Vulnerability.

Risk Information

Base Score
7.1
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
8.577

Associated Vulnerability

VulnerabilityOS Platform
Windows GDI Information Disclosure Vulnerability for Microsoft Office Word 2007 (KB3128025)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Word 2010 (KB3128034) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Word 2010 (KB3128034) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft SharePoint Server 2010 (KB3128026)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3128024)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Web Applications (KB3128035)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB3128032) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB3128032) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Publisher 2010 (KB3114395) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Publisher 2010 (KB3114395) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3128022)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2010 (KB3128037) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2010 (KB3128037) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2016 (KB3128016) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2016 (KB3128016) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office Excel Viewer 2007 (KB3128023)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2013 (KB3128008) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2013 (KB3128008) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2007 suites (KB2883033)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB2889841) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB2889841) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Word Viewer (KB3127995)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2013 (KB3127968) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2013 (KB3127968) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2016 (KB3127986) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2016 (KB3127986) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB3118380) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB3118380) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2007 suites (KB3128020)Windows
Windows GDI Information Disclosure Vulnerability for Word Viewer (KB3128043)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-21859Security Update for Microsoft Office Word 2007 (KB3128025)
PATCH-21864Security Update for Microsoft Word 2010 (KB3128034) 32-Bit Edition
PATCH-21880Security Update for Microsoft SharePoint Server 2010 (KB3128026)
PATCH-21871Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3128024)
PATCH-21883Security Update for Microsoft Web Applications (KB3128035)
PATCH-21861Security Update for Microsoft Office 2010 (KB3128032) 64-Bit Edition
PATCH-21860Security Update for Microsoft Office 2010 (KB3128032) 32-Bit Edition
PATCH-21870Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3128022)
PATCH-21863Security Update for Microsoft Excel 2010 (KB3128037) 64-Bit Edition
PATCH-21862Security Update for Microsoft Excel 2010 (KB3128037) 32-Bit Edition
PATCH-21869Security Update for Microsoft Excel 2016 (KB3128016) 64-Bit Edition
PATCH-21868Security Update for Microsoft Excel 2016 (KB3128016) 32-Bit Edition
PATCH-21872Security Update for Microsoft Office Excel Viewer 2007 (KB3128023)
PATCH-21867Security Update for Microsoft Excel 2013 (KB3128008) 64-Bit Edition
PATCH-21866Security Update for Microsoft Excel 2013 (KB3128008) 32-Bit Edition
PATCH-21875Security Update for Microsoft Office 2007 suites (KB2883033)
PATCH-21882Security Update for Microsoft Office 2010 (KB2889841) 64-Bit Edition
PATCH-21881Security Update for Microsoft Office 2010 (KB2889841) 32-Bit Edition
PATCH-21893Security Update for Word Viewer (KB3127995)
PATCH-21888Security Update for Microsoft Office 2013 (KB3127968) 64-Bit Edition
PATCH-21887Security Update for Microsoft Office 2013 (KB3127968) 32-Bit Edition
PATCH-21890Security Update for Microsoft Office 2016 (KB3127986) 64-Bit Edition
PATCH-21889Security Update for Microsoft Office 2016 (KB3127986) 32-Bit Edition
PATCH-21892Security Update for Word Viewer (KB3128043)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234