V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2017-0106
MSR
HighConfirmedExploit available

Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to exec…

CVSS
7.8
High
EPSS
0.28
p97
Published
2017-01-01
Updated
2017-01-01
Description

Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

Tags · CWE
CWE-119
CAPEC-8
CAPEC-9
CAPEC-10
CAPEC-14
CAPEC-24
CAPEC-42
CAPEC-44
CAPEC-45
CAPEC-46
CAPEC-47
CAPEC-100
CAPEC-123
Affected products
Outlook
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Timeline
2017-01-01
Published
2017-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: L
Local (L)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: R
Required (R)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.284 · p97
Known exploited (KEV)
No
Known exploits — Сканер-ВС
CVE-2017-0106
github-poc · https://github.com/ryhanson/CVE-2017-0106
Enterprise
Affected products
Microsoft
WindowsOutlook
ProductVendorStatus
outlook*Tracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
WindowsMicrosoftTracked
Source databases
MSR
CVE
Related vulnerabilities
BDU:2017-01171