JSON View XML View

Key Value
MTID M116176
Title (MS16-148) Microsoft Office Security Bypass II (3204068)
Description A vulnerability in some versions of Microsoft Office could lead to a security bypass.
Observation A vulnerability in some versions of Microsoft Office could lead to a security bypass.

The flaw occurs when Microsoft Office improperly checks registry settings when an attempt is made to run embedded content. Successful exploitation could allow a remote attacker to bypass intended access restrictions.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-148

Vendor Microsoft
Attack Vector Maliciously Crafted File
Importance 5
Impact 6.44297671875
Threat Score 6.82
Labels
Patch Tuesday
References
CVECVE-2016-7266
MSFTBulletinMS16-148
MSFTQNumber3204068
DISA IAVA2016-A-0345
MTIDM116176
CPEs
cpe:/a:microsoft:excel_viewer
cpe:/a:microsoft:excel:2007:sp3
cpe:/a:microsoft:office_compatibility_pack::sp3
cpe:/a:microsoft:excel:2010:sp2
cpe:/a:microsoft:excel:2010:sp2:x64
cpe:/a:microsoft:excel_2013:rt:sp1
cpe:/a:microsoft:excel:2013:sp1:x64
cpe:/a:microsoft:excel:2016:mac
Created At 2016-12-13 00:00:00 UTC
Updated At 2017-02-16 15:09:51 UTC

Back