CVE-2017-11882

high-risk
Published 2017-11-15

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.

Do I need to act?

!
94.4% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
!
1 public exploit available
43163
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (4)

Affected Vendors

Microsoft

References (29)

Exploit http://reversingminds-blog.logdown.com/posts/3907313-fileless-attack-in-word-wit...
Third Party Advisory http://www.securityfocus.com/bid/101757
Third Party Advisory http://www.securitytracker.com/id/1039783
Exploit https://0patch.blogspot.com/2017/11/did-microsoft-just-manually-patch-their.html
Exploit https://0patch.blogspot.com/2017/11/official-patch-for-cve-2017-11882-meets.html
Exploit https://github.com/0x09AL/CVE-2017-11882-metasploit
Exploit https://github.com/embedi/CVE-2017-11882
Exploit https://github.com/rxwx/CVE-2017-11882
Exploit https://github.com/unamer/CVE-2017-11882
Patch https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-1188...
Exploit https://researchcenter.paloaltonetworks.com/2017/12/unit42-analysis-of-cve-2017-...
Exploit https://web.archive.org/web/20181104111128/https://embedi.com/blog/skeleton-clos...
Exploit https://www.exploit-db.com/exploits/43163/
Third Party Advisory https://www.kb.cert.org/vuls/id/421280
Exploit http://reversingminds-blog.logdown.com/posts/3907313-fileless-attack-in-word-wit...
Third Party Advisory http://www.securityfocus.com/bid/101757
Third Party Advisory http://www.securitytracker.com/id/1039783
Exploit https://0patch.blogspot.com/2017/11/did-microsoft-just-manually-patch-their.html
Exploit https://0patch.blogspot.com/2017/11/official-patch-for-cve-2017-11882-meets.html
Exploit https://github.com/0x09AL/CVE-2017-11882-metasploit
and 9 more references
61
/ 100
high-risk
Severity 24/34 · High
Exploitability 27/34 · High
Exposure 10/34 · Low