Searching
..

Click anywhere to stop

KLA10857
Multiple vulnerabilities in Microsoft Office

Обновлено: 22/01/2024
Дата обнаружения
09/08/2016
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information or execute arbitrary code.

Below is a complete list of vulnerabilities

  1. An improper memory contents handling at OneNote can be exploited remotely via a specially designed OneNote files to obtain sensitive information;
  2. An improper memory objects handling can be exploited remotely via a specially designed content to execute arbitrary code.
Пораженные продукты

Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 Service Pack 2
Microsoft Office 2013 Service Pack 1
Microsoft Office 2013 RT Service Pack 1
Microsoft Office 2016
Microsoft Office for Mac 2011
Microsoft Office 2016 for Mac
Microsoft Outlook 2007 Service Pack 3
Microsoft Outlook 2010 Service Pack 2
Microsoft Outlook 2013 Service Pack 1
Microsoft Outlook 2016
Microsoft Word Viewer

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
ADV160011
CVE-2016-3304
CVE-2016-3303
CVE-2016-3301
CVE-2016-3318
CVE-2016-3317
CVE-2016-3316
CVE-2016-3315
CVE-2016-3313
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]
Связанные продукты
Microsoft Office
Microsoft Outlook
CVE-IDS
CVE-2016-33049.3Critical
CVE-2016-33039.3Critical
CVE-2016-33019.3Critical
CVE-2016-33189.3Critical
CVE-2016-33179.3Critical
CVE-2016-33169.3Critical
CVE-2016-33154.3Warning
CVE-2016-33139.3Critical