VYPR
Get started
← All advisories
High severity7.8NVD Advisory· Published May 11, 2016· Updated May 6, 2026

CVE-2016-0140

CVE-2016-0140

Description

Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Affected products

4
  • Microsoft/Office2 versions
    cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
  • Microsoft/Office Web Apps
    cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*
  • Microsoft/Sharepoint Server
    cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.