CVE-2017-8509
Low
Low
Medium
High
Critical
CVSS Score
Vulnerability Description
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.
Known Affected Software
16 configuration(s) from 1 vendor(s)
word
Version:
2013
CPE:
cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:x86:*
office
Version:
2013
CPE:
cpe:2.3:a:microsoft:office:2013:sp2:*:*:*:*:x86:*
office
Version:
2007
CPE:
cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
word
Version:
2007
CPE:
cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*
word_for_mac
Version:
2016
CPE:
cpe:2.3:a:microsoft:word_for_mac:2016:*:*:*:*:*:*:*
office_web_apps
Version:
2010
CPE:
cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:-:*
office
Version:
2016
CPE:
cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:x86:*
sharepoint_server
Version:
2016
CPE:
cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*
office_web_apps_server
Version:
2013
CPE:
cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*
word
Version:
2016
CPE:
cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:x86:*
office
Version:
2010
CPE:
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
word
Version:
2010
CPE:
cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:x86:*
onenote
Version:
2010
CPE:
cpe:2.3:a:microsoft:onenote:2010:sp2:*:*:*:*:*:*
office_compatibility_pack
Version:
-
CPE:
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
sharepoint_server
Version:
2010
CPE:
cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:foundation:*:*:*
sharepoint_server
Version:
2013
CPE:
cpe:2.3:a:microsoft:sharepoint_server:2013:sp1:*:*:enterprise:*:*:*
This vulnerability affects 16 software configuration(s). Ensure you patch all affected systems.
References & Resources
-
http://www.securityfocus.com/bid/98812secure@microsoft.com Third Party Advisory VDB Entry
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8509secure@microsoft.com Mitigation Patch Vendor Advisory
-
http://www.securityfocus.com/bid/98812af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory VDB Entry
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8509af854a3a-2127-422b-91ae-364da2661108 Mitigation Patch Vendor Advisory
Severity Details
out of 10.0
Low
Key Information
- Published Date
- June 15, 2017
