Vulnerability Description
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a click, aka "Microsoft Office Security Feature Bypass Vulnerability."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Excel | 2007 |
| Microsoft | Excel Viewer | - |
| Microsoft | Office Compatibility Pack | - |
References
- http://www.securityfocus.com/bid/94660Broken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037441Broken LinkThird Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-14PatchVendor Advisory
- http://www.securityfocus.com/bid/94660Broken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1037441Broken LinkThird Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-14PatchVendor Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-US Government Resource
FAQ
What is CVE-2016-7262?
CVE-2016-7262 is a vulnerability with a CVSS score of 7.8 (HIGH). Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary comma...
How severe is CVE-2016-7262?
CVE-2016-7262 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-7262?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Excel, Microsoft Excel Viewer, Microsoft Office Compatibility Pack.