CVE-2017-11826
Microsoft Office Remote Code Execution Vulnerability
Severity Score
7.8
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
Yes
*KEV
Decision
-
*SSVC
Descriptions
Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly handle objects in memory.
Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 y 2013, Word Viewer, Word 2007, 2010, 2013 y 2016, Word Automation Services y Office Online Server permiten la ejecución remota de código cuando el software no gestiona correctamente objetos en la memoria.
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-07-31 CVE Reserved
- 2017-10-13 CVE Published
- 2020-05-18 First Exploit
- 2022-03-03 Exploited in Wild
- 2022-03-24 KEV Due Date
- 2024-09-16 CVE Updated
- 2024-10-25 EPSS Updated
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/101219 | Third Party Advisory | |
| http://www.securitytracker.com/id/1039541 | Third Party Advisory | |
| https://0patch.blogspot.com/2017/11/0patching-pretty-nasty-microsoft-word.html | X_refsource_misc | |
| https://securingtomorrow.mcafee.com/mcafee-labs/analyzing-microsoft-office-zero-day-exploit-cve-2017-11826-memory-corruption-vulnerability | Technical Description | |
| https://www.tarlogic.com/en/blog/exploiting-word-cve-2017-11826 | X_refsource_misc |
| URL | Date | SRC |
|---|---|---|
| https://github.com/thatskriptkid/CVE-2017-11826 | 2020-05-18 |
| URL | Date | SRC |
|---|---|---|
| https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11826 | 2017-12-12 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2010 Search vendor "Microsoft" for product "Office" and version "2010" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Online Server Search vendor "Microsoft" for product "Office Online Server" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Web Apps Search vendor "Microsoft" for product "Office Web Apps" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Web Apps Search vendor "Microsoft" for product "Office Web Apps" | 2010 Search vendor "Microsoft" for product "Office Web Apps" and version "2010" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Office Web Apps Search vendor "Microsoft" for product "Office Web Apps" | 2013 Search vendor "Microsoft" for product "Office Web Apps" and version "2013" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Sharepoint Enterprise Server Search vendor "Microsoft" for product "Sharepoint Enterprise Server" | 2010 Search vendor "Microsoft" for product "Sharepoint Enterprise Server" and version "2010" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Sharepoint Server Search vendor "Microsoft" for product "Sharepoint Server" | 2010 Search vendor "Microsoft" for product "Sharepoint Server" and version "2010" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Web Applications Search vendor "Microsoft" for product "Web Applications" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2007 Search vendor "Microsoft" for product "Word" and version "2007" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2010 Search vendor "Microsoft" for product "Word" and version "2010" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2013 Search vendor "Microsoft" for product "Word" and version "2013" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2016 Search vendor "Microsoft" for product "Word" and version "2016" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Viewer Search vendor "Microsoft" for product "Word Viewer" | * | - |
Affected
| ||||||