Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-7265

Опубликовано: 20 дек. 2016
Источник: nvd
CVSS3: 7.1
CVSS2: 5.8
EPSS Средний

Описание

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability."

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:excel:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*
cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*

EPSS

Процентиль: 93%
0.11255
Средний

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

msrc логотип

CVE-2016-7265

msrc
больше 8 лет назад

Microsoft Excel Information Disclosure Vulnerability

github логотип

GHSA-46hr-q4hp-w8v2

CVSS3: 7.1
github
около 3 лет назад

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability."

EPSS

Процентиль: 93%
0.11255
Средний

7.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-125