CVE-2016-0127 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-0127 PUBLISHED CVSS 7.800000190734863 HIGH

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

EPSS 29.89% · 96.6th percentile

Risk Scores

CVSS v3.0

7.800000190734863

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

29.89%

96.6th percentile

Affected Products

Vendor	Product	Versions
microsoft	word	2013, 2013, 2007
microsoft	office	2010
microsoft	sharepoint_server	2013, 2010
microsoft	word_viewer
microsoft	office_compatibility_pack
n/a	n/a	n/a
microsoft	office_web_apps_server	2013, 2010

Timeline

Apr 12, 2016 CVE Published
Feb 4, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 14, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score
Jul 14, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

https://technet.microsoft.com/fr-fr/library/security/ms16-042 advisory
https://technet.microsoft.com/fr-fr/library/security/ms16-039 advisory
MS16-042 vendor-advisory
1035525 vdb
1035524 vdb
https://nvd.nist.gov/vuln/detail/CVE-2016-0127 advisory

Open in Interactive Console →