Home

CVE-2016-7300

Description

Untrusted search path vulnerability in Microsoft Auto Updater for Mac allows local users to gain privileges via a Trojan horse executable file, aka Microsoft (MAU) Office Elevation of Privilege Vulnerability.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.522

Associated Vulnerability

VulnerabilityOS Platform
Windows GDI Information Disclosure Vulnerability for Microsoft Office Word 2007 (KB3128025)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Word 2010 (KB3128034) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Word 2010 (KB3128034) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft SharePoint Server 2010 (KB3128026)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3128024)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Web Applications (KB3128035)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB3128032) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB3128032) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Publisher 2010 (KB3114395) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Publisher 2010 (KB3114395) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3128022)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2010 (KB3128037) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2010 (KB3128037) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2016 (KB3128016) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2016 (KB3128016) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office Excel Viewer 2007 (KB3128023)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2013 (KB3128008) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Excel 2013 (KB3128008) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2007 suites (KB2883033)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB2889841) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB2889841) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Word Viewer (KB3127995)Windows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2013 (KB3127968) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2013 (KB3127968) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2016 (KB3127986) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2016 (KB3127986) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB3118380) 64-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2010 (KB3118380) 32-Bit EditionWindows
Windows GDI Information Disclosure Vulnerability for Microsoft Office 2007 suites (KB3128020)Windows
Windows GDI Information Disclosure Vulnerability for Word Viewer (KB3128043)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-21859Security Update for Microsoft Office Word 2007 (KB3128025)
PATCH-21864Security Update for Microsoft Word 2010 (KB3128034) 32-Bit Edition
PATCH-21880Security Update for Microsoft SharePoint Server 2010 (KB3128026)
PATCH-21871Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3128024)
PATCH-21883Security Update for Microsoft Web Applications (KB3128035)
PATCH-21861Security Update for Microsoft Office 2010 (KB3128032) 64-Bit Edition
PATCH-21860Security Update for Microsoft Office 2010 (KB3128032) 32-Bit Edition
PATCH-21870Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3128022)
PATCH-21863Security Update for Microsoft Excel 2010 (KB3128037) 64-Bit Edition
PATCH-21862Security Update for Microsoft Excel 2010 (KB3128037) 32-Bit Edition
PATCH-21869Security Update for Microsoft Excel 2016 (KB3128016) 64-Bit Edition
PATCH-21868Security Update for Microsoft Excel 2016 (KB3128016) 32-Bit Edition
PATCH-21872Security Update for Microsoft Office Excel Viewer 2007 (KB3128023)
PATCH-21867Security Update for Microsoft Excel 2013 (KB3128008) 64-Bit Edition
PATCH-21866Security Update for Microsoft Excel 2013 (KB3128008) 32-Bit Edition
PATCH-21875Security Update for Microsoft Office 2007 suites (KB2883033)
PATCH-21882Security Update for Microsoft Office 2010 (KB2889841) 64-Bit Edition
PATCH-21881Security Update for Microsoft Office 2010 (KB2889841) 32-Bit Edition
PATCH-21893Security Update for Word Viewer (KB3127995)
PATCH-21888Security Update for Microsoft Office 2013 (KB3127968) 64-Bit Edition
PATCH-21887Security Update for Microsoft Office 2013 (KB3127968) 32-Bit Edition
PATCH-21890Security Update for Microsoft Office 2016 (KB3127986) 64-Bit Edition
PATCH-21889Security Update for Microsoft Office 2016 (KB3127986) 32-Bit Edition
PATCH-21892Security Update for Word Viewer (KB3128043)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234