Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2017-11774

Published: 13/10/2017 Updated: 11/07/2019
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Microsoft

Vulnerability Summary

Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an malicious user to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft outlook 2010

microsoft outlook 2016

microsoft outlook 2013 rt

microsoft outlook 2013

Github Repositories

SniperRoost

used to generate a valid attack chain to exploit CVE-2017-11774 tied to iranian apt only reasearch poc dont use for harm please

SniperRoost used to generate a valid attack chain to exploit CVE-2017-11774 tied to iranian apt only reasearch poc dont use for harm please

fireeye_CVEs

CVEs enumerated by FireEye and that should be addressed to limit the effectiveness of leaked the Red Team tools CVE-2019-11510 – pre-auth arbitrary file reading from Pulse Secure SSL VPNs - CVSS 100 CVE-2020-1472 – Microsoft Active Directory escalation of privileges - CVSS 100 CVE-2018-13379 – pre-auth arbitrary file reading from Fortinet Fortigate SSL VPN

fireeye_cves

vFeed CVEs Vulnerability Indicators that should be addressed to limit the effectiveness of the Leaked FireEye Red Team tools CVE-2019-11510 – pre-auth arbitrary file reading from Pulse Secure SSL VPNs - CVSS 100 CVE-2020-1472 – Microsoft Active Directory escalation of privileges - CVSS 100 CVE-2018-13379 – pre-auth arbitrary file reading from Fortinet Forti

Exp101tsArchiv30thers

Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out current Contents CVE-2011-2856 CVE-2011-3243 CVE-2013-2618 CVE-2013-6632 CVE-2014-1701 CVE-2014-1705 CVE-2014-1747 CVE-2014-3176 CVE-2014-6332 CVE-2014-7927 CVE-2014-7928 CVE-2015-0072 CVE-2015-0235 CVE-2015-0240 CVE-2015-1233 CVE-2015-1242 CVE-2015-1268 CV

awesome-cve-poc_qazbnm456

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :

Recent Articles

US Cyber Command warns that the Outlook is not so good - Iranians hitting email flaw
The Register • Shaun Nichols in San Francisco • 03 Jul 2019

Government-backed campaign going after bug that was patched in 2017

An ongoing Iranian government-backed hacking campaign is now trying to exploit a Microsoft Outlook flaw from 2017.
The US Cyber Command has issued an alert that hackers have been actively going after CVE-2017-11774. The flaw is a sandbox escape bug in Outlook that allows an attacker who already possesses the victim's Outlook credentials to change the user's home page. That page, in turn, can have embedded code that downloads and executes malware when Outlook is opened.
The timing of ...

Read more...
US Cyber Command warns that the Outlook is not so good - Iranians hitting email flaw
The Register • Shaun Nichols in San Francisco • 03 Jul 2019

Government-backed campaign going after bug that was patched in 2017

An ongoing Iranian government-backed hacking campaign is now trying to exploit a Microsoft Outlook flaw from 2017.
The US Cyber Command has issued an alert that hackers have been actively going after CVE-2017-11774. The flaw is a sandbox escape bug in Outlook that allows an attacker who already possesses the victim's Outlook credentials to change the user's home page. That page, in turn, can have embedded code that downloads and executes malware when Outlook is opened.
The timing of ...

Read more...
OVERRULED: Containing a Potentially Destructive Adversary
Fireeye Threat Research • by Geoff Ackerman, Rick Cole, Andrew Thompson, Alex Orleans, Nick Carr • 21 Dec 2018

UPDATE (Jul. 3, 2019): On May 16, 2019 FireEye's Advanced Practices
team attributed the remaining "suspected APT33 activity"
(referred to as GroupB in this blog post) to APT33, operating at the
behest of the Iranian government. The malware and tradecraft in this
blog post are consistent with the June
2019 intrusion campaign targeting U.S. federal government
agencies and financial, retail, media, and education sectors – as
well as U.S.
Cyber...

Read more...
OVERRULED: Containing a Potentially Destructive Adversary
Fireeye Threat Research • by Geoff Ackerman, Rick Cole, Andrew Thompson, Alex Orleans, Nick Carr • 21 Dec 2018

Introduction
FireEye assesses APT33 may be behind a series of intrusions and attempted intrusions within the engineering industry. Public reporting indicates this activity may be related to recent destructive attacks. FireEye's Managed Defense has responded to and contained numerous intrusions that we assess are related. The actor is leveraging publicly available tools in early phases of the intrusion; however, we have observed them transition to custom implants in later stage activity in ...

Read more...

References

CWE-119https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11774http://www.securitytracker.com/id/1039542http://www.securityfocus.com/bid/101098https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/https://github.com/devcoinfet/SniperRoosthttps://tools.cisco.com/security/center/viewAlert.x?alertId=55441https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-20430cache poisoningCVE-2021-33909CVE-2021-37449CVE-2021-36563cameraCVE-2021-22555path traversalCVE-2021-25207
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook