Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2017-11774

Published: 13/10/2017 Updated: 30/08/2021
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 606
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Microsoft

Vulnerability Summary

Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an malicious user to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft outlook 2010

microsoft outlook 2016

microsoft outlook

microsoft outlook 2013

Github Repositories

https://github.com/devcoinfet/SniperRoost

used to generate a valid attack chain to exploit CVE-2017-11774 tied to iranian apt only reasearch poc dont use for harm please

SniperRoost used to generate a valid attack chain to exploit CVE-2017-11774 tied to iranian apt only reasearch poc dont use for harm please

https://github.com/med0x2e/RT-EWS

A Powershell module including a couple of cmdlets for EWS Enum/Exploitation.

A couple of Cmdlets leveraging EWS API (In case access over MAPI is limited) for performing specific enumeration/exploitation tasks on Exchange Servers (Office365, Premises-based Servers etc) during RT engagements; Retrieving basic statistics about mailboxes, generating statistics charts for compromized accounts and average mail data size that could be exfiltrated which can

Recent Articles

US Cyber Command warns that the Outlook is not so good - Iranians hitting email flaw
The Register • Shaun Nichols in San Francisco • 03 Jul 2019

Government-backed campaign going after bug that was patched in 2017

An ongoing Iranian government-backed hacking campaign is now trying to exploit a Microsoft Outlook flaw from 2017. The US Cyber Command has issued an alert that hackers have been actively going after CVE-2017-11774. The flaw is a sandbox escape bug in Outlook that allows an attacker who already possesses the victim's Outlook credentials to change the user's home page. That page, in turn, can have embedded code that downloads and executes malware when Outlook is opened. The timing of this alert r...

Read more...

References

CWE-119https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11774http://www.securitytracker.com/id/1039542http://www.securityfocus.com/bid/101098https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/https://nvd.nist.govhttps://github.com/devcoinfet/SniperRoosthttps://www.theregister.co.uk/2019/07/03/outlook_flaw_iran/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook