CVE-2016-7264

high Microsoft
CVSS v3 Base Score
7.1
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
EPSS Score
11.3%
Exploitation probability in 30 days
Top 6% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Confidentiality
High
Integrity
None
Availability
High
Published: December 20, 2016 (3433 days ago)
Last Modified: May 6, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability."

CWE

CWE-125

Affected Products

microsoft excelmicrosoft excel for macmicrosoft excel viewermicrosoft office compatibility pack

References

🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 docs.microsoft.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com