Vulnerability CVE-2016-0136

Vulnerability Name:

CVE-2016-0136 (CCN-111856)

Assigned:

2015-12-04

Published:

2016-04-12

Updated:

2018-10-12

Summary:

Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Attack Complexity (AC): Privileges Required (PR): User Interaction (UI):
Scope:	Scope (S):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Attack Complexity (AC): Privileges Required (PR): User Interaction (UI):
Scope:	Scope (S):
Impact Metrics:	Confidentiality (C): Integrity (I): Availibility (A):

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2016-0136

Source: CCN
Type: Microsoft Security Bulletin MS16-042
Security Update for Microsoft Office (3148775)

Source: CCN
Type: Microsoft Security Bulletin MS16-054
Security Update for Microsoft Office (3155544)

Source: CCN
Type: Microsoft Security Bulletin MS16-070
Security Update for Office (3163610)

Source: CCN
Type: Microsoft Security Bulletin MS16-088
Security Updates for Office (3170008)

Source: CCN
Type: Microsoft Security Bulletin MS16-099
Security Update for Office (3177451)

Source: CCN
Type: Microsoft Security Bulletin MS16-107
Security Update for Microsoft Office (3185852)

Source: CCN
Type: Microsoft Security Bulletin MS16-121
Security Update for Microsoft Office (3194063)

Source: CCN
Type: Microsoft Security Bulletin MS16-133
Security Update for Microsoft Office (3199168)

Source: CCN
Type: Microsoft Security Bulletin MS16-148
Security Update for Microsoft Office (3204068)

Source: CCN
Type: Microsoft Security Bulletin MS17-002
Security Update for Microsoft Office (3214291)

Source: CCN
Type: Microsoft Security Bulletin MS17-013
Security Update for Microsoft Graphics Component (4013075)

Source: CCN
Type: Microsoft Security Bulletin MS17-014
Security Update for Microsoft Office (4013241)

Source: SECTRACK
Type: UNKNOWN
1035524

Source: SECTRACK
Type: UNKNOWN
1035525

Source: MS
Type: UNKNOWN
MS16-042

Source: XF
Type: UNKNOWN
ms-office-cve20160136-code-exec(111856)

Source: IDEFENSE
Type: UNKNOWN
20160412 Microsoft Excel Uninitialized Pointer Memory Corruption Vulnerability

Vulnerable Configuration:

Configuration 1:

cpe:/a:microsoft:excel:2007:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:excel:2010:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:sharepoint_designer:2007:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:sharepoint_foundation:2010:sp2:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:microsoft:word_viewer:*:*:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2007:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:word:2007:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:infopath:2007:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2010:sp2:*:*:*:*:x64:*

OR cpe:/a:microsoft:office:2010:sp2:x32:*:*:*:*:*

OR cpe:/a:microsoft:word:2010:sp2:*:*:*:*:x32:*

OR cpe:/a:microsoft:word:2010:sp2:*:*:*:*:x64:*

OR cpe:/a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2013:sp1:x32:*:*:*:*:*

OR cpe:/a:microsoft:word:2013:sp1:*:*:*:*:x32:*

OR cpe:/a:microsoft:word:2013:sp1:*:*:*:*:x64:*

OR cpe:/a:microsoft:word:2013:sp1:*:*:rt:*:*:*

OR cpe:/a:microsoft:office:2016:*:x32:*:*:*:*:*

AND

cpe:/a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*

Denotes that component is vulnerable