CVE-2017-11878 – Microsoft Office Excel Workbook Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-11878
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, and Microsoft Excel Viewer 2007 Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Excel Memory Corruption Vulnerability". Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3 y Microsoft Excel Viewer 2007 Service Pack 3 permiten que un atacante ejecute código arbitrario en el contexto del usuario actual cuando no se gestionan correctamente los objetos en la memoria. Esto también se conoce como "Microsoft Excel Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Excel workbooks. • http://www.securityfocus.com/bid/101756 http://www.securitytracker.com/id/1039783 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11878 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-11882 – Microsoft Office Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2017-11882
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884. Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1 y Microsoft Office 2016 permiten que un atacante ejecute código arbitrario en el contexto del usuario actual al no gestionar correctamente los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". El ID de este CVE es diferente de CVE-2017-11884. • https://www.exploit-db.com/exploits/43163 https://github.com/Ridter/CVE-2017-11882 https://github.com/embedi/CVE-2017-11882 https://github.com/rip1s/CVE-2017-11882 https://github.com/starnightcyber/CVE-2017-11882 https://github.com/0x09AL/CVE-2017-11882-metasploit https://github.com/littlebin404/CVE-2017-11882 https://github.com/ChaitanyaHaritash/CVE-2017-11882 https://github.com/Shadowshusky/CVE-2017-11882- https://github.com/ekgg/Overflow-Demo-CVE-2017-11882 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-11825
https://notcve.org/view.php?id=CVE-2017-11825
Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code Execution Vulnerability". Microsoft Office 2016 Click-to-Run (C2R) y Microsoft Office 2016 para Mac permiten que un atacante emplee un archivo especialmente manipulado para ejecutar acciones en el contexto de seguridad del usuario actual debido a cómo gestiona Microsoft Office los objetos en la memoria, lo que también se conoce como "Microsoft Office Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/101124 http://www.securitytracker.com/id/1039539 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11825 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-11826 – Microsoft Office Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-11826
Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory. Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 y 2013, Word Viewer, Word 2007, 2010, 2013 y 2016, Word Automation Services y Office Online Server permiten la ejecución remota de código cuando el software no gestiona correctamente objetos en la memoria. A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. • https://github.com/thatskriptkid/CVE-2017-11826 http://www.securityfocus.com/bid/101219 http://www.securitytracker.com/id/1039541 https://0patch.blogspot.com/2017/11/0patching-pretty-nasty-microsoft-word.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11826 https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-microsoft-office-zero-day-exploit-cve-2017-11826-memory-corruption-vulnerability https://www.tarlogic.com/en/blog/exploiting-word-cve-2017-11826 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-8630
https://notcve.org/view.php?id=CVE-2017-8630
Microsoft Office 2016 allows a remote code execution vulnerability when it fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8631, CVE-2017-8632, and CVE-2017-8744. Microsoft Office 2016 permite que se produzca una vulnerabilidad de ejecución remota de código cuando no gestiona correctamente los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". El ID de este CVE es diferente de CVE-2017-8631, CVE-2017-8632, y CVE-2017-8744. • http://www.securityfocus.com/bid/100732 http://www.securitytracker.com/id/1039315 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8630 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •