What is CVE-2016-3279?

CVE-2016-3279 is a medium-severity vulnerability in Microsoft Excel, classified under CWE-254. CVSS score: 5.5/10. Published 2016-07-13.

How severe is CVE-2016-3279?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Vulnerability in Microsoft Excel

CVE-2016-3279

Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services…

EPSS: 0.344 (97.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N.

Affected products

Microsoft Excel — versions 2010, 2013, 2016
Microsoft Excel_rt — versions 2013
Microsoft Office — versions 2010
Microsoft Office_web_apps — versions 2010
Microsoft Powerpoint — versions 2010, 2013
Microsoft Powerpoint_rt — versions 2013
Microsoft Sharepoint_server — versions 2010
Microsoft Word — versions 2010, 2013, 2016
Microsoft Word_rt — versions 2013
N/a — versions n/a

Weakness classification (CWE)

CWE-254

References

1036274 (vdb-entry, x_refsource_SECTRACK)
1036275 (vdb-entry, x_refsource_SECTRACK)
MS16-088 (x_refsource_MS, vendor-advisory)
91587 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2016-3279?: CVE-2016-3279 is a medium-severity vulnerability in Microsoft Excel, classified under CWE-254. CVSS score: 5.5/10. Published 2016-07-13.
How severe is CVE-2016-3279?: Medium severity. CVSS v3 base score is 5.5 out of 10.