Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability.". Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial Of Service
RCE
Buffer Overflow
Microsoft
Office
NVD
CVSS 3.0
9.6
EPSS
5.0%