HTTP: Microsoft Excel CVE-2016-7236 Use-After-Free

This signature detects an attempt to exploit an Use-After-Free Vulnerability in Microsoft Excel. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.

Extended Description

Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Affected Products

Microsoft sharepoint_server

References

CVE: CVE-2016-7236

Short Name
HTTP:STC:DL:CVE-2016-7236-UAF
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2016-7236 Excel Microsoft Use-After-Free
Release Date
11/08/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3717
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?