Rapid7 Vulnerability & Exploit Database

MS16-099: Security Update for Microsoft Office (3177451) [Office for Mac]

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

MS16-099: Security Update for Microsoft Office (3177451) [Office for Mac]

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

08/09/2016

Created

07/25/2018

Added

09/09/2016

Modified

03/21/2018

Description

An information disclosure vulnerability exists when Microsoft OneNote improperly discloses its memory contents. An attacker who exploited the vulnerability could use the information to compromise the userâs computer or data. To exploit the vulnerability, an attacker could create a specially crafted OneNote file and convince a victim to open it. For an attack to be successful, the attacker must know the specific location of OneNote objects in memory.

Solution(s)

office-for-mac-upgrade-14_6_7
office-for-mac-upgrade-15_25_0

References

https://attackerkb.com/topics/cve-2016-3313
CVE - 2016-3313
CVE - 2016-3315
CVE - 2016-3316
CVE - 2016-3317
CVE - 2016-3318
MS16-099
3177451

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

MS16-099: Security Update for Microsoft Office (3177451) [Office for Mac]

MS16-099: Security Update for Microsoft Office (3177451) [Office for Mac]

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.