Description
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.
Affected products
- Microsoft / ExcelServices on Microsoft SharePoint Enterprise Server 2013 Service Pack 1 – Services on Microsoft SharePoint Enterprise Server 2013 Service Pack 1
- Microsoft / Microsoft Office2010 Service Pack 2 (32-bit editions) – 2010 Service Pack 2 (32-bit editions)
- Microsoft / Microsoft Office2010 Service Pack 2 (64-bit editions) – 2010 Service Pack 2 (64-bit editions)
- Microsoft / Microsoft Office2013 RT Service Pack 1 – 2013 RT Service Pack 1
- Microsoft / Microsoft Office2013 Service Pack 1 (32-bit editions) – 2013 Service Pack 1 (32-bit editions)
- Microsoft / Microsoft Office2013 Service Pack 1 (64-bit editions) – 2013 Service Pack 1 (64-bit editions)
- Microsoft / Microsoft Office2016 (32-bit edition) – 2016 (32-bit edition)
- Microsoft / Microsoft Office2016 (64-bit edition) – 2016 (64-bit edition)
- Microsoft / Microsoft OfficeWeb Apps 2010 Service Pack 2 – Web Apps 2010 Service Pack 2
- Microsoft / Microsoft OfficeWeb Apps Server 2013 Service Pack 1 – Web Apps Server 2013 Service Pack 1
- Microsoft / Microsoft SharePointEnterprise Server 2016 – Enterprise Server 2016
- Microsoft / Microsoft SharePoint Server2013 Service Pack 1 – 2013 Service Pack 1
- Microsoft / WordAutomation Services on Microsoft SharePoint Server 2013 Service Pack 1 – Automation Services on Microsoft SharePoint Server 2013 Service Pack 1
- Microsoft / WordAutomation Services on Microsoft SharePoint Server 2010 Service Pack 2 – Automation Services on Microsoft SharePoint Server 2010 Service Pack 2