What is CVE-2016-3360?

CVE-2016-3360 is a high-severity vulnerability in Microsoft Office_compatibility_pack, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 7.8/10. Published 2016-09-14.

How severe is CVE-2016-3360?

High severity. CVSS v3 base score is 7.8 out of 10.

Buffer overflow in Microsoft Office_compatibility_pack

CVE-2016-3360

Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, PowerPoint 2013 RT SP1, PowerPoint 2016 for Mac, Office Compatibility Pack SP3, PowerPoint Viewer, SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office We…

Vulnerability class: Buffer Overflow

EPSS: 0.174 (95.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Microsoft Office_compatibility_pack
Microsoft Office_web_apps — versions 2010
Microsoft Office_web_apps_server — versions 2013
Microsoft Powerpoint — versions 2007, 2010, 2013
Microsoft Powerpoint_for_mac — versions 2016
Microsoft Powerpoint_viewer
Microsoft Sharepoint_designer — versions 2013
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

1036785 (vdb-entry, x_refsource_SECTRACK)
MS16-107 (x_refsource_MS, vendor-advisory)
92796 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2016-3360?: CVE-2016-3360 is a high-severity vulnerability in Microsoft Office_compatibility_pack, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 7.8/10. Published 2016-09-14.
How severe is CVE-2016-3360?: High severity. CVSS v3 base score is 7.8 out of 10.