Description
Microsoft Word Remote Code Execution Vulnerability
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
E
Unchanged
RL
O
RC
Changed
Affected products
- Microsoft / Microsoft 365 Apps for Enterprise16.0.1 – https://aka.ms/OfficeSecurityReleases
- Microsoft / Microsoft Office 2019 for Mac16.0.0 – 16.67.22111300
- Microsoft / Microsoft Office LTSC for Mac 202116.0.1 – 16.67.22111300
- Microsoft / Microsoft Office Online Server16.0.1 – 16.0.10392.20000
- Microsoft / Microsoft Office Web Apps Server 2013 Service Pack 115.0.1 – 15.0.5501.1000
- Microsoft / Microsoft SharePoint Enterprise Server 2013 Service Pack 115.0.0 – 15.0.5501.1000
- Microsoft / Microsoft SharePoint Enterprise Server 201616.0.0 – 16.0.5369.1000
- Microsoft / Microsoft SharePoint Server 201916.0.0 – 16.0.10392.20000
- Microsoft / Microsoft SharePoint Server Subscription Edition16.0.0 – 16.0.15601.20238
- Microsoft / Microsoft Word 2013 Service Pack 115.0.1 – 15.0.5501.1000
- Microsoft / Microsoft Word 201616.0.1 – 16.0.5369.1000
- Microsoft / SharePoint Server Subscription Edition Language Pack16.0.0 – 16.0.15601.20238