Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 12/05/2017 Updated: 08/07/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Services on Microsoft SharePoint Server 2013 SP1, Office Word Viewer, SharePoint Enterprise Server 2016, and Word 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-0264 and CVE-2017-0265.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft office compatibility pack
microsoft word 2010
microsoft office 2010
microsoft word 2013
microsoft word rt 2013
microsoft office 2011
microsoft office web apps 2010
microsoft office web apps 2013
microsoft word 2007
microsoft word 2016
microsoft office 2016
microsoft word viewer
microsoft sharepoint server 2013
microsoft sharepoint server 2016

CWE-119 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0254 http://www.securityfocus.com/bid/98101 http://www.securitytracker.com/id/1038443 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-0254

Vulnerability Summary

References

Vulmon Search

About

Products

Connect