CVE-2017-0204

EPSS 19.0%

Vexday Risk Score

8Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 19.0%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

12 Apr 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability."

Affected products

Microsoft Corporation · Outlook

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0204 http://www.securityfocus.com/bid/97458 http://www.securitytracker.com/id/1038227