CVE-2016-0134
Status: Modified
Last modified:
12-10-2018
Published:
09-03-2016
7.8
SUMMARY CVE-2016-0134
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
Access CVSS3 CVE-2016-0134
Attack Complexity | Attack Vector | Privileges Required | Scope | User Interaction |
---|---|---|---|---|
LOW | LOCAL | NONE | UNCHANGED | REQUIRED |
Impact CVSS3 CVE-2016-0134
Confidentiality | Integrity | Availability |
---|---|---|
HIGH | HIGH | HIGH |
Details CVE-2016-0134
EPSS | 0.53042 |
---|---|
EPSS % | 0.97666 |
References | |
CWE | CWE-119 |
CAPEC |
|
Vulnerable Configurations |
|
CVSS3 Source | nvd@nist.gov |
CVSS3 Type | Primary |
CVSS3 Vector | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |