FortiClient VulnerabilityMicrosoft Excel CVE-2016-7267 Security Feature Bypass Vulnerability
Description
A security feature bypass vulnerability exists in Microsoft Excel software when it improperly handles the parsing of file formats. The security feature bypass by itself does not allow arbitrary code execution. However, to successfully exploit the vulnerability, an attacker would have to use it in conjunction with another vulnerability, such as a remote code execution vulnerability, to take advantage of the security feature bypass vulnerability and run arbitrary code. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Microsoft Excel software. The security update addresses the vulnerability by correcting how Microsoft Excel handles the parsing of file formats.
Affected Applications
Microsoft Excel 2013 RT Service Pack 1
Microsoft Excel 2013 Service Pack 1 (32-bit editions)
Microsoft Excel 2013 Service Pack 1 (64-bit editions)
Microsoft Excel 2016 x64
Microsoft Excel 2010 Service Pack 2 (32-bit editions)
Microsoft Excel 2016 x86
Microsoft Excel 2010 Service Pack 2 (64-bit editions)
CVE References
CVE-2016-7267Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-7267| ID | 51674 |
| Created | Sep 25, 2018 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Microsoft Excel 2013 RT Service Pack 1 , Microsoft Excel 2013 Service Pack 1 (32-bit editions) , Microsoft Excel 2013 Service Pack 1 (64-bit editions) , Microsoft Excel 2016 x64 , Microsoft Excel 2010 Service Pack 2 (32-bit editions) , Microsoft Excel 2016 x86 , Microsoft Excel 2010 Service Pack 2 (64-bit editions) |