Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2016-7264 | First vendor Publication | 2016-12-20 |
Vendor | Cve | Last vendor Modification | 2018-10-12 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H | |||
---|---|---|---|
Overall CVSS Score | 7.1 | ||
Base Score | 7.1 | Environmental Score | 7.1 |
impact SubScore | 5.2 | Temporal Score | 7.1 |
Exploitabality Sub Score | 1.8 | ||
Attack Vector | Local | Attack Complexity | Low |
Privileges Required | None | User Interaction | Required |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | None | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5.8 | Attack Range | Network |
Cvss Impact Score | 4.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability." |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7264 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-125 | Out-of-bounds Read |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 2 | |
Application | 1 | |
Application | 1 |
Snort® IPS/IDS
Date | Description |
---|---|
2018-08-16 | Microsoft Office Excel ddeService command execution attempt RuleID : 47176 - Revision : 1 - Type : FILE-OFFICE |
2018-08-16 | Microsoft Office Excel ddeService command execution attempt RuleID : 47175 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Excel insecure workbook load via reference to named share at... RuleID : 40978 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Excel insecure workbook load via reference to named share at... RuleID : 40977 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Publisher out of bounds read attempt RuleID : 40966 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Publisher out of bounds read attempt RuleID : 40965 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Excel type confusion attempt RuleID : 40964 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Excel type confusion attempt RuleID : 40963 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office OLE DLL side load attempt RuleID : 40962 - Revision : 2 - Type : FILE-OTHER |
2017-01-10 | Microsoft Office OLE DLL side load attempt RuleID : 40961 - Revision : 2 - Type : FILE-OTHER |
2017-01-10 | Microsoft Office Excel ddeService command execution attempt RuleID : 40960 - Revision : 3 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Excel ddeService command execution attempt RuleID : 40959 - Revision : 3 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Excel security descriptor out of bounds read attempt RuleID : 40958 - Revision : 3 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Excel security descriptor out of bounds read attempt RuleID : 40957 - Revision : 3 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Word XST structure out of bounds read attempt RuleID : 40952 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Word XST structure out of bounds read attempt RuleID : 40951 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Excel CrtMlFrt record out of bounds read attempt RuleID : 40945 - Revision : 3 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office Excel CrtMlFrt record out of bounds read attempt RuleID : 40944 - Revision : 3 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office PowerPoint OpenType font overly large instructionLength out ... RuleID : 40939 - Revision : 2 - Type : FILE-OFFICE |
2017-01-10 | Microsoft Office PowerPoint OpenType font overly large instructionLength out ... RuleID : 40938 - Revision : 2 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-12-14 | Name : An application installed on the remote macOS or Mac OS X host is affected by ... File : macosx_ms16-148_office.nasl - Type : ACT_GATHER_INFO |
2016-12-14 | Name : An application installed on the remote host is affected by multiple vulnerabi... File : smb_nt_ms16-148.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Source | Url |
---|---|
BID | http://www.securityfocus.com/bid/94769 |
MS | https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16... |
SECTRACK | http://www.securitytracker.com/id/1037441 |
Alert History
Date | Informations |
---|---|
2021-05-04 12:53:17 |
|
2021-04-22 02:05:24 |
|
2020-05-23 00:53:06 |
|
2018-10-13 05:19:07 |
|
2016-12-24 05:33:45 |
|
2016-12-23 12:32:18 |
|
2016-12-22 21:23:19 |
|
2016-12-22 09:24:09 |
|
2016-12-21 17:23:43 |
|
2016-12-20 12:03:56 |
|