Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10842
HistoryJul 12, 2016 - 12:00 a.m.

KLA10842 Multiple code execution vulnerabilities in Microsoft Office

2016-07-1200:00:00
Kaspersky Lab
threats.kaspersky.com
21

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.7 High

EPSS

Percentile

98.0%

JSON

An improper memory objects handling and XLA files handling were found in Microsoft Office. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed files.

Technical details

To mitigate some of these vulnerabilities you can block RTF files from opening. More information about this workaround you can find at MS16-088 advisory listed below.

Original advisories

CVE-2016-3278

CVE-2016-3279

CVE-2016-3280

CVE-2016-3281

CVE-2016-3282

CVE-2016-3283

CVE-2016-3284

Related products

Microsoft-Office

Microsoft-Sharepoint-Server

CVE list

CVE-2016-3278 critical

CVE-2016-3279 warning

CVE-2016-3280 critical

CVE-2016-3281 critical

CVE-2016-3282 critical

CVE-2016-3283 critical

CVE-2016-3284 critical

KB list

3115289

3115285

3115386

3115246

3115309

3115308

3115262

3115301

3115322

3115306

3115299

3115393

3115259

3115118

3115292

3115395

3115114

3170460

3170463

3115318

3115272

3115312

3115311

3115279

3115317

3115315

3115254

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

Affected Products

  • Office Online ServerMicrosoft Office 2007 Service Pack 3Microsoft Office 2010 Service Pack 2Microsoft Office 2013 Service Pack 1Microsoft Office 2013 RT Service Pack 1Microsoft Office 2016Microsoft Office for Mac 2011Microsoft Office 2016 for MacMicrosoft Office Compatibility Pack Service Pack 3Microsoft Excel and Word ViewersMicrosoft SharePoint Server 2010 Service Pack 2Microsoft SharePoint Server 2013 Service Pack 1Microsoft SharePoint Server 2016Microsoft Office Web Apps 2010 Service Pack 2Microsoft Office Web Apps 2013 Service Pack 1

References

Related

nessus 2
mskb 28
openvas 11
prion 7
symantec 7
mscve 7
nvd 7
checkpoint_advisories 6
cve 7
cvelist 7
nessus
nessus
MS16-088: Security Update for Microsoft Office (3170008)
2016-07-12 00:00:00
MS16-088: Security Update for Microsoft Office (3170008) (Mac OS X)
2016-07-12 00:00:00
mskb
mskb
MS16-088: Security update for Microsoft Office: July 12, 2016
2016-07-12 00:00:00
MS16-088: Description of the security update for Word 2013: July 12, 2016
2016-07-12 07:00:00
MS16-088: Description of the security update for Word 2010: July 12, 2016
2016-07-12 07:00:00
openvas
openvas
Microsoft Office Multiple Remote Code Execution Vulnerabilities (3170008) - Mac OS X
2016-07-13 00:00:00
Microsoft Office Word Multiple Vulnerabilities (3170008)
2016-07-13 00:00:00
Microsoft Office Compatibility Pack Multiple RCE Vulnerabilities (3170008)
2016-07-13 00:00:00
prion
prion
Memory corruption
2016-07-13 01:59:00
Memory corruption
2016-07-13 01:59:00
Remote code execution
2016-07-13 01:59:00
symantec
symantec
Microsoft Office CVE-2016-3279 Remote Code Execution Vulnerability
2016-07-12 00:00:00
Microsoft Office CVE-2016-3284 Memory Corruption Vulnerability
2016-07-12 00:00:00
Microsoft Office CVE-2016-3283 Memory Corruption Vulnerability
2016-07-12 00:00:00
mscve
mscve
Microsoft Office Security Feature Bypass Vulnerability
2016-07-12 07:00:00
Microsoft Office Memory Corruption Vulnerability
2016-07-12 07:00:00
Microsoft Office Memory Corruption Vulnerability
2016-07-12 07:00:00
nvd
nvd
CVE-2016-3279
2016-07-13 01:59:33
CVE-2016-3283
2016-07-13 01:59:37
CVE-2016-3284
2016-07-13 01:59:38
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption (MS16-088: CVE-2016-3283)
2016-07-12 00:00:00
Microsoft Office Memory Corruption (MS16-088: CVE-2016-3284)
2016-07-12 00:00:00
Microsoft Office Remote Code Execution (MS16-088: CVE-2016-3279)
2016-07-12 00:00:00
cve
cve
CVE-2016-3279
2016-07-13 01:59:33
CVE-2016-3283
2016-07-13 01:59:37
CVE-2016-3284
2016-07-13 01:59:38
cvelist
cvelist
CVE-2016-3284
2016-07-13 01:00:00
CVE-2016-3283
2016-07-13 01:00:00
CVE-2016-3278
2016-07-13 01:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.7 High

EPSS

Percentile

98.0%

JSON
Related for KLA10842
nessus2mskb28openvas11prion7symantec7mscve7nvd7checkpoint_advisories6cve7cvelist7