CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3279

Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted XLA file, aka "Microsoft Office Remote Code Execution Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.258

EPSS Ranking 95.9%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

Products affected by CVE-2016-3279

Microsoft » Excel » Version: 2010

cpe:2.3:a:microsoft:excel:2010
Microsoft » Excel » Version: 2013

cpe:2.3:a:microsoft:excel:2013
Microsoft » Excel » Version: 2016

cpe:2.3:a:microsoft:excel:2016
Microsoft » Excel Rt » Version: 2013

cpe:2.3:a:microsoft:excel_rt:2013
Microsoft » Office » Version: 2010

cpe:2.3:a:microsoft:office:2010
Microsoft » Office Web Apps » Version: 2010

cpe:2.3:a:microsoft:office_web_apps:2010
Microsoft » Powerpoint » Version: 2010

cpe:2.3:a:microsoft:powerpoint:2010
Microsoft » Powerpoint » Version: 2013

cpe:2.3:a:microsoft:powerpoint:2013
Microsoft » Powerpoint Rt » Version: 2013

cpe:2.3:a:microsoft:powerpoint_rt:2013
Microsoft » Sharepoint Server » Version: 2010

cpe:2.3:a:microsoft:sharepoint_server:2010
Microsoft » Word » Version: 2010

cpe:2.3:a:microsoft:word:2010
Microsoft » Word » Version: 2013

cpe:2.3:a:microsoft:word:2013
Microsoft » Word » Version: 2016

cpe:2.3:a:microsoft:word:2016
Microsoft » Word Rt » Version: 2013

cpe:2.3:a:microsoft:word_rt:2013

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3279

Products

Pricing

Contact Us