Medium severity6.5NVD Advisory· Published Nov 10, 2016· Updated May 6, 2026

CVE-2016-7233

Description

Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability."

Affected products

Microsoft/Excel For Mac
cpe:2.3:a:microsoft:excel_for_mac:2011:*:*:*:*:*:*:*
Microsoft/Office
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
Microsoft/Office Compatibility Pack
cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
Microsoft/Office Web Apps
cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*
Microsoft/Sharepoint Server
cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:*:*:*:*
Microsoft/Word2 versions
cpe:2.3:a:microsoft:word:2007:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:word:2007:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*
Microsoft/Word Automation Services
cpe:2.3:a:microsoft:word_automation_services:-:*:*:*:*:*:*:*
Microsoft/Word For Mac
cpe:2.3:a:microsoft:word_for_mac:2011:*:*:*:*:*:*:*
Microsoft/Word Viewer
cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.012
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000