CyberSec.Space Logo
Back to CVE Browser

CVE-2016-7262

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score90.3810%
EPSS Percentile94.41th
PublishedDec 20, 2016
Last ModifiedApr 22, 2026

Vulnerability Description

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a click, aka "Microsoft Office Security Feature Bypass Vulnerability."

Affected Platforms (CPE)

πŸ“¦
Microsoft

Excel

= 2007
πŸ“¦
Microsoft

Excel

= 2010
πŸ“¦
Microsoft

Excel

= 2013
πŸ“¦
Microsoft

Excel

= 2013
πŸ“¦
Microsoft

Excel

= 2016
πŸ“¦
Microsoft

Excel Viewer

All versions
πŸ“¦
Microsoft

Office Compatibility Pack

All versions

References & Advisories

πŸ”— http://www.securityfocus.com/bid/94660
πŸ”— http://www.securitytracker.com/id/1037441
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148
πŸ”— http://www.securityfocus.com/bid/94660
πŸ”— http://www.securitytracker.com/id/1037441
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148
πŸ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-7262

Related Vulnerabilities

CVE-2008-421110.0

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iP...

CVE-2015-098410.0

Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/...

CVE-2004-130110.0

Buffer overflow in the book_format_sql function in format.c for xlreader 0.9.0 allows remote attackers to execute arbitrary code v...

CVE-2019-112329.8

EXCELLENT INFOTEK BiYan v1.57 ~ v2.8 allows an attacker to leak user information (Password) without being authenticated, by sendin...