CVE-2017-0243

EPSS 21.5%

Vexday Risk Score

8Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 21.5%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

11 Jul 2017Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8570.

Affected products

Microsoft Corporation · Microsoft Office 2007 SP2 and SP3, Microsoft Office 2010 SP2, Microsoft Office Web Apps 2010 SP2, and Microsoft Business Productivity Servers 2010 SP2.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-0243 http://www.securityfocus.com/bid/99446 http://www.securitytracker.com/id/1038851