Home/CVEs/CVE-2016-3235/

CVE-2016-3235 - Microsoft Office OLE DLL Side Loading Vulnerability

Project:Microsoft

Product:Office

Date Added:2021-11-03Due Date:2022-05-03

Vulnerability Name

Microsoft Office OLE DLL Side Loading Vulnerability

Description

Microsoft Office Object Linking & Embedding (OLE) dynamic link library (DLL) contains a side loading vulnerability due to it improperly validating input before loading libraries. Successful exploitation allows for remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2016-3235