CVE-2016-3381

EUVD-2016-4411
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability," a different vulnerability than CVE-2016-3363.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
microsoftexcel_viewer
*
microsoftoffice_compatibility_pack
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securitytracker.com/id/1036785
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107
http://www.securitytracker.com/id/1036785
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107