JSON View XML View

Key Value
MTID M115005
Title (MS16-121) Microsoft Office Memory Corruption Remote Code Execution (3194063)
Description A vulnerability in some versions of Microsoft Office could lead to remote code execution.
Observation A vulnerability in some versions of Microsoft Office could lead to remote code execution.


The flaw occurs when the Office software fails to properly handle objects in memory. Successful exploitation by a remote attacker could result in the execution of arbitrary code.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-121

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS16-133
- Microsoft Office 2010 32-Bit Edition: KB3127951
- Microsoft Office 2010 64-Bit Edition: KB3127951
- Microsoft Office Compatibility Pack Service Pack 3: KB3127948
- Microsoft Office Web Apps Server 2013 farm-deployment: KB3127929
- Microsoft Office Word 2007: KB3127949
- Microsoft SharePoint Enterprise Server 2013 farm-deployment: KB3127927
- Microsoft SharePoint Server 2010 farm-deployment: KB3127950
- Microsoft Web Applications farm-deployment: KB3127954
- Microsoft Word 2010 32-Bit Edition: KB3127953
- Microsoft Word 2010 64-Bit Edition: KB3127953
- Microsoft Word 2013 32-Bit Edition: KB3127932
- Microsoft Word 2013 64-Bit Edition: KB3127932

https://technet.microsoft.com/library/security/MS16-133

Vendor Microsoft
Attack Vector Maliciously Crafted File
Importance 9
Impact 10.00084536000
Threat Score 9.33
Labels
Patch Tuesday
References
CVECVE-2016-7193
MSFTBulletinMS16-121
MSFTQNumber3194063
DISA IAVA2016-A-0280
MTIDM115005
CPEs
cpe:/a:microsoft:word:2007:sp3
cpe:/a:microsoft:word_viewer
cpe:/a:microsoft:office_compatibility_pack::sp3
cpe:/a:microsoft:word:2010:sp2
cpe:/a:microsoft:office_web_apps:2010:sp2
cpe:/a:microsoft:word:2010:sp2:x64
cpe:/a:microsoft:office_web_apps:2013:sp1
cpe:/a:microsoft:office:2010:sp2:x86
cpe:/a:microsoft:office_sharepoint_server:2013_sp1
cpe:/a:microsoft:word:2013:sp1:x86
cpe:/a:microsoft:word:2013:sp1:x64
cpe:/a:microsoft:word:2013:sp1:rt
cpe:/a:microsoft:word_for_mac:2011
cpe:/a:microsoft:sharepoint_server:2010_sp2_x64
cpe:/a:microsoft:word:2016::x64
cpe:/a:microsoft:word:2016
cpe:/a:microsoft:word:2016:2016
cpe:/a:microsoft:office:online_server
Created At 2016-10-11 00:00:00 UTC
Updated At 2016-11-19 10:31:35 UTC

Back