7.1

CVE-2016-7276

EPSS 8.55%
Published 20.12.2016 06:59:00
Last modified 12.04.2025 10:46:40
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability."

Affected products Warnungen 0 Metrics 3 CWE 1 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Office Version2007 Updatesp3

Microsoft ≫ Office Version2010 Updatesp2

Microsoft ≫ Office Version2013 Updatesp1

Microsoft ≫ Office For Mac Version2011

Microsoft ≫ Office For Mac Version2016

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	8.55%	0.92

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.1	1.8	5.2	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
nvd@nist.gov	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:N/A:P

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

http://www.securitytracker.com/id/1037441

Third Party Advisory

VDB Entry

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148

http://www.securityfocus.com/bid/94666

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2016-7276

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-7276

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-7276

EUVD