MS16-070: Security Update for Microsoft Office (3163610)

High Nessus Plugin ID 91611


An application installed on the remote Windows host is affected by multiple vulnerabilities.


The remote Windows host is missing a security update. It is, therefore, affected by multiple vulnerabilities in Microsoft Office :

- Multiple remote code execution vulnerabilities exist due to improper handling of objects in memory. An unauthenticated, remote attacker can exploit these by convincing a user to open a specially crafted file or visit a website that hosts such a file, resulting in the execution of arbitrary code in the context of the user.
(CVE-2016-0025, CVE-2016-3233)

- A flaw exists due to improper disclosure of memory contents. An unauthenticated, remote attacker can exploit this by convincing a user to open a specially crafted file, resulting in the disclosure of potentially sensitive information. (CVE-2016-3234)

- A flaw exists due to improper validation of input before loading OLE library files. A local attacker can exploit this, via a specially crafted application, to execute arbitrary code. (CVE-2016-3235)


Microsoft has released a set of patches for Microsoft Office 2007, 2010, 2013, 2013 RT, and 2016; Microsoft Word 2007, 2010, 2013, 2013 RT, and 2016; Microsoft Excel 2007 and 2010; Microsoft Visio 2007, 2010, 2013, and 2016; Visio Viewer 2007 and 2010; Word Viewer;
Microsoft Office Compatibility Pack; Office Web Apps 2010 and 2013;
Microsoft SharePoint Server 2010 and 2013; and Office Online Server.

See Also

Plugin Details

Severity: High

ID: 91611

File Name: smb_nt_ms16-070.nasl

Version: 1.13

Type: local

Agent: windows

Published: 2016/06/15

Updated: 2019/11/19

Dependencies: 27524, 13855, 57033, 74250, 84669

Risk Information

Risk Factor: High

CVSS Score Source: CVE-2016-3235

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 7.8

Temporal Score: 7.2

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:office, cpe:/a:microsoft:word, cpe:/a:microsoft:excel, cpe:/a:microsoft:word_viewer, cpe:/a:microsoft:visio, cpe:/a:microsoft:visio_viewer, cpe:/a:microsoft:office_compatibility_pack, cpe:/a:microsoft:office_web_apps, cpe:/a:microsoft:sharepoint_server

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2016/06/14

Vulnerability Publication Date: 2016/06/14

Exploitable With

Metasploit (Office OLE Multiple DLL Side Loading Vulnerabilities)

Reference Information

CVE: CVE-2016-0025, CVE-2016-3233, CVE-2016-3234, CVE-2016-3235

BID: 91089, 91091, 91095, 91096