Vulnerability CVE-2016-0025

Vulnerability Name:

CVE-2016-0025 (CCN-113635)

Assigned:

2015-12-04

Published:

2016-06-14

Updated:

2018-10-12

Summary:

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

CVSS v3 Severity:

7.3 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
6.4 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Attack Complexity (AC): Privileges Required (PR): User Interaction (UI):
Scope:	Scope (S):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

8.4 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.3 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Attack Complexity (AC): Privileges Required (PR): User Interaction (UI):
Scope:	Scope (S):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.2 High (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2016-0025

Source: CCN
Type: Microsoft Security Bulletin MS16-070
Security Update for Office (3163610)

Source: CCN
Type: Microsoft Security Bulletin MS16-088
Security Updates for Office (3170008)

Source: CCN
Type: Microsoft Security Bulletin MS16-099
Security Update for Office (3177451)

Source: CCN
Type: Microsoft Security Bulletin MS16-107
Security Update for Microsoft Office (3185852)

Source: CCN
Type: Microsoft Security Bulletin MS16-121
Security Update for Microsoft Office (3194063)

Source: CCN
Type: Microsoft Security Bulletin MS16-133
Security Update for Microsoft Office (3199168)

Source: CCN
Type: Microsoft Security Bulletin MS16-148
Security Update for Microsoft Office (3204068)

Source: CCN
Type: Microsoft Security Bulletin MS17-002
Security Update for Microsoft Office (3214291)

Source: CCN
Type: Microsoft Security Bulletin MS17-013
Security Update for Microsoft Graphics Component (4013075)

Source: CCN
Type: Microsoft Security Bulletin MS17-014
Security Update for Microsoft Office (4013241)

Source: SECTRACK
Type: UNKNOWN
1036093

Source: MS
Type: UNKNOWN
MS16-070

Source: XF
Type: UNKNOWN
ms-office-cve20160025-code-exec(113635)

Vulnerable Configuration:

Configuration 1:

cpe:/a:microsoft:office:2010:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2016:*:*:*:*:*:*:*

OR cpe:/a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:office_online_server:-:*:*:*:*:*:*:*

OR cpe:/a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:word:2007:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:word:2010:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:word:2013:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:word:2013:sp1:*:*:rt:*:*:*

OR cpe:/a:microsoft:word:2016:*:*:*:*:*:*:*

OR cpe:/a:microsoft:word_for_mac:2011:*:*:*:*:*:*:*

OR cpe:/a:microsoft:word_for_mac:2016:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:microsoft:office:2011:*:*:*:*:mac:*:*

OR cpe:/a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:word:2007:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2010:sp2:*:*:*:*:x64:*

OR cpe:/a:microsoft:office:2010:sp2:x32:*:*:*:*:*

OR cpe:/a:microsoft:word:2010:sp2:*:*:*:*:x32:*

OR cpe:/a:microsoft:word:2010:sp2:*:*:*:*:x64:*

OR cpe:/a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:word:2013:sp1:*:*:*:*:x32:*

OR cpe:/a:microsoft:word:2013:sp1:*:*:*:*:x64:*

OR cpe:/a:microsoft:word:2013:sp1:*:*:rt:*:*:*

OR cpe:/a:microsoft:word:2016:*:*:*:*:*:x32:*

OR cpe:/a:microsoft:word:2016:*:*:*:*:*:x64:*

OR cpe:/a:microsoft:office:2016:*:x32:*:*:*:*:*

OR cpe:/a:microsoft:office:2016:*:*:*:*:*:x64:*

OR cpe:/a:microsoft:office:2016:*:*:*:*:mac:*:*

OR cpe:/a:microsoft:office_online_server:*:*:*:*:*:*:*:*

AND

cpe:/a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*

Denotes that component is vulnerable