MS16-015: Security Update for Microsoft Office to Address Remote Code Execution (3134226)

High Nessus Plugin ID 88647


The remote Windows host is affected by multiple vulnerabilities.


The remote Windows host has a version of Microsoft Office, Word, Word Viewer, Excel, Excel Viewer, SharePoint, Microsoft Office Compatibility Pack, or Office Web Apps installed that is affected by multiple vulnerabilities :

- Multiple remote code execution vulnerabilities exist due to improper handling of objects in memory. A remote attacker can exploit these vulnerabilities by convincing a user to open a specially crafted file in Microsoft Office, resulting in the execution of arbitrary code in the context of the current user. (CVE-2016-0022, CVE-2016-0052, CVE-2016-0053, CVE-2016-0054, CVE-2016-0055, CVE-2015-0056)

- A cross-site scripting vulnerability exists in SharePoint due to improper sanitization of specially crafted web requests. An authenticated, remote attacker can exploit this, via a specially crafted web request, to execute arbitrary script code in a user's browser session. (CVE-2016-0039)


Microsoft has released a set of patches for Office 2007, 2010, 2013, 2013 RT, and 2016; Word, Word Viewer, Excel, Excel Viewer; SharePoint Server 2007, 2010, and 2013; SharePoint Foundation 2013, Microsoft Office Compatibility Pack, and Office Web Apps.

See Also

Plugin Details

Severity: High

ID: 88647

File Name: smb_nt_ms16-015.nasl

Version: $Revision: 1.7 $

Type: local

Agent: windows

Published: 2016/02/09

Modified: 2017/07/12

Dependencies: 84669, 27524, 13855, 74250, 57033

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:ND

Vulnerability Information

CPE: cpe:/a:microsoft:office, cpe:/a:microsoft:word, cpe:/a:microsoft:word_viewer, cpe:/a:microsoft:excel, cpe:/a:microsoft:excel_viewer, cpe:/a:microsoft:sharepoint_server, cpe:/a:microsoft:sharepoint_foundation, cpe:/a:microsoft:office_compatibility_pack, cpe:/a:microsoft:office_web_apps

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/02/09

Vulnerability Publication Date: 2016/02/09

Reference Information

CVE: CVE-2016-0022, CVE-2016-0039, CVE-2016-0052, CVE-2016-0053, CVE-2016-0054, CVE-2016-0055, CVE-2016-0056

BID: 82508, 82512, 82652, 82654, 82657, 82660, 82787

OSVDB: 134313, 134314, 134315, 134316, 134317, 134318, 134319

MSFT: MS16-015

MSKB: 3039768, 3114335, 3114338, 3114401, 3114407, 3114432, 3114481, 3114548, 3114698, 3114702, 3114724, 3114733, 3114734, 3114741, 3114742, 3114745, 3114747, 3114748, 3114752, 3114755, 3104759, 3114773

IAVA: 2016-A-0043