KLA10827 Multiple vulnerabilities in Microsoft Office

Kaspersky Lab (threats.kaspersky.com), published June 14, 2016, 00:00

CVSS2: 9.3 High (AV:N/AC:M/Au:N/C:C/I:C/A:C)
  Attack Vector: NETWORK, Attack Complexity: MEDIUM, Authentication: NONE
  Confidentiality Impact: COMPLETE, Integrity Impact: COMPLETE, Availability Impact: COMPLETE

CVSS3: 7.8 High (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
  Attack Vector: LOCAL, Attack Complexity: LOW, Privileges Required: NONE, User Interaction: REQUIRED, Scope: UNCHANGED
  Confidentiality Impact: HIGH, Integrity Impact: HIGH, Availability Impact: HIGH

The two vectors do not contradict each other: CVSS v2 scores a document-borne Office bug as Network, while the CVSS v3 convention scores it as Local with User Interaction required, because the victim has to open the crafted file.

AI Score: 8.1 High (Confidence: High)

EPSS: 0.209 Low (Percentile: 96.4%)

Multiple serious vulnerabilities have been found in Microsoft Office. An attacker can exploit them to execute arbitrary code, gain privileges or obtain sensitive information.

Below is the complete list of vulnerabilities:

  1. Improper handling of objects in memory can be exploited by a remote attacker, via a specially crafted document that the user opens, to execute arbitrary code;
  2. Improper disclosure of memory contents can be exploited by a remote attacker, via a specially crafted document that the user opens, to obtain sensitive information;
  3. Improper input validation can be exploited locally, via a specially crafted application, to gain privileges.

Technical details

Vulnerability (2) can be mitigated with the Microsoft Office File Block policy, or by preventing Word from opening RTF files; the original Microsoft advisory gives the exact settings. This is a workaround, not a fix: installing the updates listed in the KB section below is still required.
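The RTF workaround above, as an added example that is not part of the Kaspersky advisory or of Microsoft's bulletin: a PowerShell script that applies the per-user Word File Block setting for every Office version present in the current user's profile, and can undo it. The registry locations and values (FileOpenBlock with RtfFiles=1 for Office 2007; FileBlock with RtfFiles=2 and OpenInProtectedView=0 for Office 2010/2013/2016) follow the wording Microsoft has used for its RTF File Block workarounds and are assumptions here, not quoted from this page: verify them against the original advisory before deploying.

```powershell
# Added example (not from the Kaspersky advisory): block RTF in Word via the
# per-user File Block registry settings. Paths and values are assumptions taken
# from Microsoft's published RTF File Block workaround wording; verify them
# against the original advisory for this bulletin before rolling out.
[CmdletBinding(SupportsShouldProcess)]
param(
    # Restore the default (RTF not blocked) instead of blocking it.
    [switch]$Undo
)

# Office 2007 (12.0) uses the older FileOpenBlock key, where 1 = blocked.
# Office 2010/2013/2016 (14.0/15.0/16.0) use FileBlock, where RtfFiles = 2
# means open and save are blocked, and OpenInProtectedView = 0 means the
# blocked type is not opened at all (not even in Protected View).
$targets = @(
    @{ Version = '12.0'; Key = 'FileOpenBlock'; Values = @{ RtfFiles = 1 } },
    @{ Version = '14.0'; Key = 'FileBlock';     Values = @{ RtfFiles = 2; OpenInProtectedView = 0 } },
    @{ Version = '15.0'; Key = 'FileBlock';     Values = @{ RtfFiles = 2; OpenInProtectedView = 0 } },
    @{ Version = '16.0'; Key = 'FileBlock';     Values = @{ RtfFiles = 2; OpenInProtectedView = 0 } }
)

foreach ($t in $targets) {
    # Only touch Office versions that actually exist in this user's profile.
    $wordRoot = "HKCU:\Software\Microsoft\Office\$($t.Version)\Word"
    if (-not (Test-Path $wordRoot)) { continue }
    $path = Join-Path $wordRoot "Security\$($t.Key)"

    if ($Undo) {
        if ((Test-Path $path) -and $PSCmdlet.ShouldProcess($path, 'Remove RTF block values')) {
            foreach ($name in $t.Values.Keys) {
                Remove-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
            }
        }
        continue
    }

    if ($PSCmdlet.ShouldProcess($path, 'Block RTF files in Word')) {
        New-Item -Path $path -Force | Out-Null
        foreach ($name in $t.Values.Keys) {
            New-ItemProperty -Path $path -Name $name -PropertyType DWord `
                -Value $t.Values[$name] -Force | Out-Null
        }
    }
}

# Report the effective state so the change (or its removal) can be verified.
foreach ($t in $targets) {
    $path = "HKCU:\Software\Microsoft\Office\$($t.Version)\Word\Security\$($t.Key)"
    if (-not (Test-Path $path)) { continue }
    $v = Get-ItemProperty -Path $path
    [pscustomobject]@{
        Office              = $t.Version
        Key                 = $t.Key
        RtfFiles            = $v.RtfFiles
        OpenInProtectedView = $v.OpenInProtectedView
    }
}
```

Run it as the affected user (the settings live under HKCU), with `-WhatIf` first to see which keys it would touch. In a managed environment the same File Block setting is normally pushed through Group Policy, which writes under the Policies hive and overrides the per-user values; this script is a stop-gap for unmanaged machines until the KB updates are installed, and it only narrows the RTF path into Word, nothing else on this page.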

Original advisories

CVE-2016-0025

CVE-2016-3235

CVE-2016-3234

CVE-2016-3233

Related products

Microsoft-Office

Microsoft-Sharepoint-Server

CVE list

CVE-2016-0025 critical

CVE-2016-3235 critical

CVE-2016-3234 warning

CVE-2016-3233 critical

KB list

3115182

3115187

3115020

3115041

2999465

3115244

3114740

3115107

3115243

3115144

3114872

3165796

3165798

3115194

3115195

3115196

3115198

3115014

3115111

3115134

3115130

3115173

2596915

3115170

Solution

Install the updates from the KB section above that Windows Update offers for your installed products (Windows Update can usually be opened from the Control Panel).
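As an added example that is not part of the advisory, here is one way to verify the Solution step: a PowerShell snippet that reads the Windows Update Agent's own history through the Microsoft.Update.Session COM interface and reports which of the KBs listed on this page were installed successfully. The COM route is used because Office updates are MSI patches, which Get-HotFix (backed by Win32_QuickFixEngineering) does not report. The KB list is copied from the KB section above; everything else is assumed, not taken from the page.

```powershell
# Added example (not from the Kaspersky advisory): check the Windows Update
# Agent history for the KB numbers this advisory lists. Office patches are MSI
# updates and do not appear in Get-HotFix, so the WUA COM history is used.
$kbList = @(
    '3115182','3115187','3115020','3115041','2999465','3115244',
    '3114740','3115107','3115243','3115144','3114872','3165796',
    '3165798','3115194','3115195','3115196','3115198','3115014',
    '3115111','3115134','3115130','3115173','2596915','3115170'
)

function Get-InstalledKbFromUpdateHistory {
    # Returns a hashtable: KB number (digits only) -> title of the update entry,
    # for history entries that are successful installations.
    $searcher  = (New-Object -ComObject Microsoft.Update.Session).CreateUpdateSearcher()
    $total     = $searcher.GetTotalHistoryCount()
    $installed = @{}
    if ($total -eq 0) { return $installed }

    foreach ($entry in $searcher.QueryHistory(0, $total)) {
        # Operation 1 = Installation; ResultCode 2 = Succeeded, 3 = SucceededWithErrors.
        if ($entry.Operation -ne 1 -or $entry.ResultCode -notin 2, 3) { continue }
        # One title can mention several KBs; record each of them.
        foreach ($m in [regex]::Matches($entry.Title, 'KB(\d{6,7})')) {
            $installed[$m.Groups[1].Value] = $entry.Title
        }
    }
    return $installed
}

$installed = Get-InstalledKbFromUpdateHistory
$report = foreach ($kb in $kbList) {
    [pscustomobject]@{
        KB        = "KB$kb"
        Installed = $installed.ContainsKey($kb)
        Title     = $installed[$kb]
    }
}
$report | Sort-Object Installed, KB | Format-Table -AutoSize
```

Read the result per product rather than as a single pass/fail: each KB applies to one Office product and version, so on any given machine most of the list is expected to be absent, and only the KBs matching the installed products matter. The history also only covers updates that went through the Windows Update Agent; Office 2016 Click-to-Run installations are serviced through their own channel and never show these KBs, so for those compare the build in HKLM:\SOFTWARE\Microsoft\Office\ClickToRun\Configuration (VersionToReport) with the fixed build given in the original advisory.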

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can allow an attacker to run arbitrary code or commands on the vulnerable machine or in the vulnerable process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can allow an attacker to capture information that is critical for the user or the system.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can allow actions that the current security settings are meant to restrict.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can allow an attacker to perform actions that are normally disallowed for the current role.

Affected Products

  • Microsoft Office 2007 Service Pack 3
  • Microsoft Office 2010 Service Pack 2
  • Microsoft Office 2013 Service Pack 1
  • Microsoft Office 2013 RT Service Pack 1
  • Microsoft Office 2016
  • Microsoft Office for Mac 2011
  • Microsoft Office 2016 for Mac
  • Microsoft Office Compatibility Pack Service Pack 3
  • Microsoft Word Viewer
  • Microsoft Visio Viewer 2007 Service Pack 3
  • Microsoft Visio Viewer 2010
  • Microsoft SharePoint Server 2010 Service Pack 2
  • Microsoft SharePoint Server 2013 Service Pack 1
  • Microsoft Office Web Apps 2010 Service Pack 2
  • Microsoft Office Web Apps 2013 Service Pack 1
  • Office Online Server
