Microsoft Office Information Disclosure Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3115111)
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
81.164%
CVE Information
Patch Details
Patch associated with this vulnerability is supported by ManageEngine.
Patch ID
20811
Patch Description
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115111)
References
http://packetstormsecurity.com/files/137490/Microsoft-Visio-DLL-Hijacking.html
http://seclists.org/fulldisclosure/2016/Jun/32
http://technet.microsoft.com/security/bulletin/MS16-070
http://www.securityfocus.com/archive/1/archive/1/538685/100/0/threaded
http://www.securitytracker.com/id/1036093
https://www.securify.nl/advisory/SFY20150804/microsoft_visio_multiple_dll_side_loading_vulnerabilities.html
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3233