VDB
CVE-2016-0136
CVE-2016-0136
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
EPSS 40.64% · 97.4th percentile
Risk Scores
CVSS 2.0
9.300000190734863
EPSS Score
40.64%
97.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | office_compatibility_pack | |
| microsoft | excel | 2007, 2010 |
| microsoft | sharepoint_foundation | 2010 |
| microsoft | sharepoint_designer | 2007 |
| n/a | n/a | n/a |
Exploit Intelligence
- MS16-042 (circl)
- 20160412 Microsoft Excel Uninitialized Pointer Memory Corruption Vulnerability (circl)
- 1035525 (circl)
- 1035524 (circl)
Timeline
- Apr 12, 2016 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Feb 14, 2023 EPSS Score
- Mar 16, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
References
- https://technet.microsoft.com/fr-fr/library/security/ms16-042 advisory
- https://technet.microsoft.com/fr-fr/library/security/ms16-039 advisory
- MS16-042 vendor-advisory
- 20160412 Microsoft Excel Uninitialized Pointer Memory Corruption Vulnerability third-party-advisory
- 1035525 vdb
- 1035524 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2016-0136 advisory