JSON View XML View

Key Value
MTID M115510
Title (MS16-133) Microsoft Office Memory Information Disclosure (3199168)
Description A vulnerability in some versions of Microsoft Office could lead to information disclosure.
Observation A vulnerability in some versions of Microsoft Office could lead to information disclosure.

The flaw lies in the Memory component. Successful exploitation by a remote attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-133

Superseded patch information:

The patches for the following products are superseded by patches provided in: MS16-148
- Microsoft Excel 2010 32-Bit Edition: KB3128037
- Microsoft Excel 2010 64-Bit Edition: KB3128037
- Microsoft Excel 2013 32-Bit Edition: KB3128008
- Microsoft Excel 2013 64-Bit Edition: KB3128008
- Microsoft Excel 2016 32-Bit Edition: KB3128016
- Microsoft Excel 2016 64-Bit Edition: KB3128016
- Microsoft Office 2007 suites: KB3128020
- Microsoft Office 2010 32-Bit Edition: KB3128032
- Microsoft Office 2010 64-Bit Edition: KB3128032
- Microsoft Office Compatibility Pack Service Pack 3: KB3128022
- Microsoft Office Compatibility Pack Service Pack 3: KB3128024
- Microsoft Office Excel 2007: KB3128019
- Microsoft Office Excel Viewer 2007: KB3128023
- Microsoft Office Word 2007: KB3128025
- Microsoft SharePoint Server 2010 farm-deployment: KB3128029
- Microsoft SharePoint Server 2010 farm-deployment: KB3128026
- Microsoft Web Applications farm-deployment: KB3128035
- Microsoft Word 2010 32-Bit Edition: KB3128034
- Microsoft Word 2010 64-Bit Edition: KB3128034

https://technet.microsoft.com/library/security/MS16-148

Vendor Microsoft
Attack Vector Authenticated locally logged on user with limited privileges
Importance 5
Impact 2.8627500
Threat Score 4.3
Labels
Patch Tuesday
References
CVECVE-2016-7233
MSFTBulletinMS16-133
MSFTQNumber3199168
DISA IAVA2016-A-0319
MTIDM115510
CPEs
cpe:/a:microsoft:word:2007
cpe:/a:microsoft:word_viewer
cpe:/a:microsoft:office:2010:sp2:x64
cpe:/a:microsoft:office:2010:sp2
cpe:/a:microsoft:office_compatibility_pack::sp3
cpe:/a:microsoft:word:2010:sp2
cpe:/a:microsoft:office_sharepoint_server:2013_sp1
cpe:/a:microsoft:word_web_apps:2010:sp2
cpe:/a:microsoft:word:2010_sp2_x64
Created At 2016-11-08 00:00:00 UTC
Updated At 2017-02-16 15:09:51 UTC

Back