How severe is CVE-2016-3279?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2016-3279?

This is classified as CWE-254, which is a common weakness in software security.

CVE-2016-3279 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted XLA file, aka "Microsoft Office Remote Code Execution Vulnerability."

Related Vulnerabilities

CVE-2015-3170

MEDIUM

CVSS:5.5(Medium)

selinux-policy when sysctl fs.protected_hardlinks are set to 0 allows local users to cause a denial of service (SSH login prevention) by creating a hardlink to /etc/passwd from a directory named .conf...

CWE-2542015

CVE-2015-7837

MEDIUM

CVSS:5.5(Medium)

The Linux kernel, as used in Red Hat Enterprise Linux 7, kernel-rt, and Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended securelevel/secureboot res...

CWE-2542015

CVE-2015-8777

MEDIUM

CVSS:5.5(Medium)

The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTER...

CWE-2542015

CVE-2015-8986

MEDIUM

CVSS:5.5(Medium)

Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanced Threat Defense (MATD) 3.4.2.32 and earlier allows attackers to detect the sandbox environment, th...

CWE-2542015

CVE-2016-0181

MEDIUM

CVSS:5.5(Medium)

Microsoft Windows 10 Gold and 1511 allows local users to bypass the Virtual Secure Mode Hypervisor Code Integrity (HVCI) protection mechanism and perform RWX markings of kernel-mode pages via a crafte...

CWE-2542016

CVE-2016-10332

MEDIUM

CVSS:5.5(Medium)

In all Android releases from CAF using the Linux kernel, stack protection was not enabled for secure applications.

CWE-2542016