CVE-2016-7233 - Vulnerability Details

Vendors	Products
Microsoft	Excel For Mac Office Office Compatibility Pack Office Web Apps Sharepoint Server Word Word Automation Services Word For Mac Word Viewer

Link	Providers
http://www.securityfocus.com/bid/94031
http://www.securitytracker.com/id/1037246
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133
https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-11-08T00:00:00", "descriptions": [{"lang": "en", "value": "Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka \"Microsoft Office Information Disclosure Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "20161108 Microsoft Office Out-of-Bounds Read Information Leak Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232"}, {"name": "MS16-133", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133"}, {"name": "94031", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94031"}, {"name": "1037246", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037246"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2016-7233", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka \"Microsoft Office Information Disclosure Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20161108 Microsoft Office Out-of-Bounds Read Information Leak Vulnerability", "refsource": "IDEFENSE", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232"}, {"name": "MS16-133", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133"}, {"name": "94031", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94031"}, {"name": "1037246", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037246"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:57:47.600Z"}, "title": "CVE Program Container", "references": [{"name": "20161108 Microsoft Office Out-of-Bounds Read Information Leak Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232"}, {"name": "MS16-133", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133"}, {"name": "94031", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/94031"}, {"name": "1037246", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037246"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2016-7233", "datePublished": "2016-11-10T06:16:00", "dateReserved": "2016-09-09T00:00:00", "dateUpdated": "2024-08-06T01:57:47.600Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2016-11-08T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-10-12T19:57:01 (string)

orgId : f38d906d-7342-40ea-92c1-6c4a2c6478c8 (string)

shortName : microsoft (string)

}

references : [ »

0 : { »

name : 20161108 Microsoft Office Out-of-Bounds Read Information Leak Vulnerability (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_IDEFENSE (string)

]

url : https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232 (string)

}

1 : { »

name : MS16-133 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MS (string)

]

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133 (string)

}

2 : { »

name : 94031 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/94031 (string)

}

3 : { »

name : 1037246 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1037246 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : secure@microsoft.com (string)

ID : CVE-2016-7233 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 20161108 Microsoft Office Out-of-Bounds Read Information Leak Vulnerability (string)

refsource : IDEFENSE (string)

url : https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232 (string)

}

1 : { »

name : MS16-133 (string)

refsource : MS (string)

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133 (string)

}

2 : { »

name : 94031 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/94031 (string)

}

3 : { »

name : 1037246 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1037246 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T01:57:47.600Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 20161108 Microsoft Office Out-of-Bounds Read Information Leak Vulnerability (string)

tags : [ »

0 : third-party-advisory (string)

1 : x_refsource_IDEFENSE (string)

2 : x_transferred (string)

]

url : https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232 (string)

}

1 : { »

name : MS16-133 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_MS (string)

2 : x_transferred (string)

]

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133 (string)

}

2 : { »

name : 94031 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/94031 (string)

}

3 : { »

name : 1037246 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1037246 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : f38d906d-7342-40ea-92c1-6c4a2c6478c8 (string)

assignerShortName : microsoft (string)

cveId : CVE-2016-7233 (string)

datePublished : 2016-11-10T06:16:00 (string)

dateReserved : 2016-09-09T00:00:00 (string)

dateUpdated : 2024-08-06T01:57:47.600Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:excel_for_mac:2011:*:*:*:*:*:*:*", "matchCriteriaId": "0FF929F6-6551-4358-AFBE-3495E8DC7BFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "081DE1E3-4622-4C32-8B9C-9AEC1CD20638", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "matchCriteriaId": "44BC7B7B-7191-431C-8CAE-83B3F0EFF03E", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "A8235774-4B57-4793-BE26-2CDE67532EDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*", "matchCriteriaId": "16F33176-442C-4EFF-8EA0-C640D203B939", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word:2007:*:*:*:*:*:*:*", "matchCriteriaId": "A9B12493-4287-4AAD-9A18-D3FC3FCBE172", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "24EEDAD9-9656-4B21-82E4-D60B83777492", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word_automation_services:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC865581-3650-4DC4-9138-C2F71AA3B850", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word_for_mac:2011:*:*:*:*:*:*:*", "matchCriteriaId": "B429C3AB-B405-4156-B63E-BA2BC6A84894", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AC45CB0-6C84-46D3-B16D-170D46822E54", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka \"Microsoft Office Information Disclosure Vulnerability.\""}, {"lang": "es", "value": "Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word para Mac 2011, Excel para Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services en SharePoint Server 2013 SP1 y Office Web Apps 2010 SP2 permiten a atacantes remotos obtener informaci\u00f3n sensible memoria de proceso o provocar una denegaci\u00f3n de servicio cause a denial of service (escritura fuera de l\u00edmites) a trav\u00e9s de un documento Office manipulado, vulnerabilidad tambi\u00e9n conocida como \"Microsoft Office Information Disclosure Vulnerability\"."}], "id": "CVE-2016-7233", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-11-10T06:59:46.300", "references": [{"source": "secure@microsoft.com", "url": "http://www.securityfocus.com/bid/94031"}, {"source": "secure@microsoft.com", "url": "http://www.securitytracker.com/id/1037246"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133"}, {"source": "secure@microsoft.com", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/94031"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1037246"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:microsoft:excel_for_mac:2011:*:*:*:*:*:*:* (string)

matchCriteriaId : 0FF929F6-6551-4358-AFBE-3495E8DC7BFA (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 081DE1E3-4622-4C32-8B9C-9AEC1CD20638 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:* (string)

matchCriteriaId : 44BC7B7B-7191-431C-8CAE-83B3F0EFF03E (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:* (string)

matchCriteriaId : A8235774-4B57-4793-BE26-2CDE67532EDD (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:* (string)

matchCriteriaId : 16F33176-442C-4EFF-8EA0-C640D203B939 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:microsoft:word:2007:*:*:*:*:*:*:* (string)

matchCriteriaId : A9B12493-4287-4AAD-9A18-D3FC3FCBE172 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:* (string)

matchCriteriaId : 24EEDAD9-9656-4B21-82E4-D60B83777492 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:microsoft:word_automation_services:-:*:*:*:*:*:*:* (string)

matchCriteriaId : CC865581-3650-4DC4-9138-C2F71AA3B850 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:microsoft:word_for_mac:2011:*:*:*:*:*:*:* (string)

matchCriteriaId : B429C3AB-B405-4156-B63E-BA2BC6A84894 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7AC45CB0-6C84-46D3-B16D-170D46822E54 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." (string)

}

1 : { »

lang : es (string)

value : Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word para Mac 2011, Excel para Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services en SharePoint Server 2013 SP1 y Office Web Apps 2010 SP2 permiten a atacantes remotos obtener información sensible memoria de proceso o provocar una denegación de servicio cause a denial of service (escritura fuera de límites) a través de un documento Office manipulado, vulnerabilidad también conocida como "Microsoft Office Information Disclosure Vulnerability". (string)

}

]

id : CVE-2016-7233 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 6.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N (string)

version : 3.0 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2016-11-10T06:59:46.300 (string)

references : [ »

0 : { »

source : secure@microsoft.com (string)

url : http://www.securityfocus.com/bid/94031 (string)

}

1 : { »

source : secure@microsoft.com (string)

url : http://www.securitytracker.com/id/1037246 (string)

}

2 : { »

source : secure@microsoft.com (string)

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133 (string)

}

3 : { »

source : secure@microsoft.com (string)

url : https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232 (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/94031 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id/1037246 (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1232 (string)

}

]

sourceIdentifier : secure@microsoft.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-200 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object