CVE-2016-0122
Summary
| CVE | CVE-2016-0122 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-04-12 23:59:00 UTC |
| Updated | 2018-10-12 22:11:00 UTC |
| Description | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Excel | 2007 | sp3 | All | All |
| Application | Microsoft | Excel | 2010 | sp2 | All | All |
| Application | Microsoft | Excel | 2013 | sp1 | All | All |
| Application | Microsoft | Excel | 2013 | sp1 | All | All |
| Application | Microsoft | Excel | 2016 | All | All | All |
| Application | Microsoft | Excel | 2007 | sp3 | All | All |
| Application | Microsoft | Excel | 2010 | sp2 | All | All |
| Application | Microsoft | Excel | 2013 | sp1 | All | All |
| Application | Microsoft | Excel | 2013 | sp1 | All | All |
| Application | Microsoft | Excel | 2016 | All | All | All |
| Application | Microsoft | Excel Viewer | All | All | All | All |
| Application | Microsoft | Excel Viewer | All | All | All | All |
| Application | Microsoft | Office Compatibility Pack | All | sp3 | All | All |
| Application | Microsoft | Office Compatibility Pack | All | sp3 | All | All |
| Application | Microsoft | Word For Mac | 2016 | All | All | All |
| Application | Microsoft | Word For Mac | 2016 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Microsoft Office Excel Out-of-Bounds Read Remote Code Execution MS16-042 | EXPLOIT-DB | www.exploit-db.com | |
| Microsoft Security Bulletin MS16-042 - Critical | Microsoft Docs | MS | docs.microsoft.com | |
| Microsoft Office File Processing Multiple Memory Corruption Flaws Let Remote Users Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.