What is CVE-2016-0012?

CVE-2016-0012 is a medium-severity vulnerability in Microsoft Excel, classified under Information Disclosure. CVSS score: 4.3/10. Published 2016-01-13.

How severe is CVE-2016-0012?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Information disclosure in Microsoft Excel

CVE-2016-0012

Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio…

Vulnerability class: Information Disclosure

EPSS: 0.106 (93.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N.

Affected products

Microsoft Excel — versions 2007, 2010, 2013
Microsoft Office — versions 2007, 2010, 2013
Microsoft Powerpoint — versions 2010, 2013, 2016
Microsoft Visio — versions 2007, 2010, 2013
Microsoft Visual_basics — versions 6.0
Microsoft Word — versions 2007, 2010, 2013
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

MS16-004 (x_refsource_MS, vendor-advisory)
1034651 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2016-0012?: CVE-2016-0012 is a medium-severity vulnerability in Microsoft Excel, classified under Information Disclosure. CVSS score: 4.3/10. Published 2016-01-13.
How severe is CVE-2016-0012?: Medium severity. CVSS v3 base score is 4.3 out of 10.