6.8
CVSSv2

CVE-2017-12824

Published: 08/11/2017 Updated: 29/06/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Special crafted InPage document leads to arbitrary code execution in InPage reader.

Vulnerability Trend

Affected Products

Vendor Product Versions
InpageInpage-

Recent Articles

InPage zero-day exploit used to attack financial institutions in Asia
Securelist • Denis Legezo • 23 Nov 2016

In September 2016, while researching a new wave of attacks, we found an interesting target which appeared to constantly receive spearphishes, a practice we commonly describe as a “magnet of threats”. Among all the attacks received by this magnet of threats, which included various older Office exploits such as CVE-2012-0158, one of them attracted our attention. This file, which was also uploaded to a multiscanner service in September 2016, had an extension that we were unfamiliar with – “...