CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3234

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.359

EPSS Ranking 96.8%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

Products affected by CVE-2016-3234

Microsoft » Office » Version: 2010

cpe:2.3:a:microsoft:office:2010
Microsoft » Office Compatibility Pack » Version: N/A

cpe:2.3:a:microsoft:office_compatibility_pack:-
Microsoft » Office Web Apps » Version: 2010

cpe:2.3:a:microsoft:office_web_apps:2010
Microsoft » Office Web Apps » Version: 2013

cpe:2.3:a:microsoft:office_web_apps:2013
Microsoft » Sharepoint Server » Version: 2010

cpe:2.3:a:microsoft:sharepoint_server:2010
Microsoft » Sharepoint Server » Version: 2013

cpe:2.3:a:microsoft:sharepoint_server:2013
Microsoft » Word » Version: 2007

cpe:2.3:a:microsoft:word:2007
Microsoft » Word » Version: 2010

cpe:2.3:a:microsoft:word:2010
Microsoft » Word Viewer » Version: N/A

cpe:2.3:a:microsoft:word_viewer:-
Microsoft » Word Viewer » Version: 2003

cpe:2.3:a:microsoft:word_viewer:2003

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3234

Products

Pricing

Contact Us