CVE-2016-7265
Severity CVSS v4.0:
Pending analysis
Type:
CWE-125
Out-of-bounds Read
Publication date:
20/12/2016
Last modified:
12/04/2025
Description
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability."
Impact
Base Score 3.x
7.10
Severity 3.x
HIGH
Base Score 2.0
5.80
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:microsoft:excel:2007:sp3:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:* | ||
| cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:* | ||
| cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.securityfocus.com/bid/94721
- http://www.securitytracker.com/id/1037441
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148
- http://www.securityfocus.com/bid/94721
- http://www.securitytracker.com/id/1037441
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148