CVE-2016-7233
Published on: 11/10/2016 12:00:00 AM UTC
Last Modified on: 03/23/2021 11:27:06 PM UTC
Certain versions of Excel For Mac from Microsoft contain the following vulnerability:
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability."
- CVE-2016-7233 has been assigned by
[email protected] to track the vulnerability - currently rated as MEDIUM severity.
CVSS3 Score: 6.5 - MEDIUM
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
|
---|---|---|---|---|
NETWORK | LOW | NONE | REQUIRED | |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
|
UNCHANGED | HIGH | NONE | NONE |
CVSS2 Score: 4.3 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | MEDIUM | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | NONE | NONE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Microsoft Security Bulletin MS16-133 - Important | Microsoft Docs | docs.microsoft.com text/html |
![]() |
Microsoft Office Multiple Flaws Let Remote Users Execute Arbitrary Code, Obtain Potentially Sensitive Information from Memory, and Cause Denial of Service Conditions - SecurityTracker | www.securitytracker.com text/html |
![]() |
Microsoft Office CVE-2016-7233 Information Disclosure Vulnerability | cve.report (archive) text/html |
![]() |
Verisign is a global provider of domain name registry services and internet infrastructure - Verisign | www.verisign.com text/xml |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Application | Microsoft | Excel For Mac | 2011 | All | All | All |
Application | Microsoft | Excel For Mac | 2011 | All | All | All |
Application | Microsoft | Office | 2010 | sp2 | All | All |
Application | Microsoft | Office | 2010 | sp2 | All | All |
Application | Microsoft | Office Compatibility Pack | All | sp3 | All | All |
Application | Microsoft | Office Compatibility Pack | All | sp3 | All | All |
Application | Microsoft | Office Web Apps | 2010 | sp2 | All | All |
Application | Microsoft | Office Web Apps | 2010 | sp2 | All | All |
Application | Microsoft | Sharepoint Server | 2013 | sp1 | All | All |
Application | Microsoft | Sharepoint Server | 2013 | sp1 | All | All |
Application | Microsoft | Word | 2007 | All | All | All |
Application | Microsoft | Word | 2010 | sp2 | All | All |
Application | Microsoft | Word | 2007 | All | All | All |
Application | Microsoft | Word | 2010 | sp2 | All | All |
Application | Microsoft | Word Automation Services | - | All | All | All |
Application | Microsoft | Word Automation Services | - | All | All | All |
Application | Microsoft | Word For Mac | 2011 | All | All | All |
Application | Microsoft | Word For Mac | 2011 | All | All | All |
Application | Microsoft | Word Viewer | - | All | All | All |
Application | Microsoft | Word Viewer | - | All | All | All |
- cpe:2.3:a:microsoft:excel_for_mac:2011:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:excel_for_mac:2011:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:word:2007:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:word:2007:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:word_automation_services:-:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:word_automation_services:-:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:word_for_mac:2011:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:word_for_mac:2011:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*:
- cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE