CVE-2016-0136 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-0136 PUBLISHED CVSS 9.300000190734863 CRITICAL

Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

EPSS 40.64% · 97.3th percentile

Risk Scores

CVSS v2.0

9.300000190734863

EPSS Score

40.64%

97.3th percentile

Affected Products

Vendor	Product	Versions
microsoft	office_compatibility_pack
microsoft	excel	2007, 2010
microsoft	sharepoint_foundation	2010
microsoft	sharepoint_designer	2007
n/a	n/a	n/a

Timeline

Apr 12, 2016 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Feb 14, 2023 EPSS Score
Mar 16, 2023 EPSS Score
Mar 28, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score

References

https://technet.microsoft.com/fr-fr/library/security/ms16-042 advisory
https://technet.microsoft.com/fr-fr/library/security/ms16-039 advisory
MS16-042 vendor-advisory
20160412 Microsoft Excel Uninitialized Pointer Memory Corruption Vulnerability third-party-advisory
1035525 vdb
1035524 vdb
https://nvd.nist.gov/vuln/detail/CVE-2016-0136 advisory

Open in Interactive Console →