CVE-2017-11878

Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, and Microsoft Excel Viewer 2007 Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Excel Memory Corruption Vulnerability".
References
Link Resource
http://www.securityfocus.com/bid/101756 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039783 Issue Tracking Third Party Advisory VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11878 Issue Tracking Patch Vendor Advisory
http://www.securityfocus.com/bid/101756 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039783 Issue Tracking Third Party Advisory VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11878 Issue Tracking Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:excel:2007:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2010:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2013:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*

History

21 Nov 2024, 03:08

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/101756 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/101756 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1039783 - Issue Tracking, Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1039783 - Issue Tracking, Third Party Advisory, VDB Entry
References () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11878 - Issue Tracking, Patch, Vendor Advisory () https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11878 - Issue Tracking, Patch, Vendor Advisory

03 Oct 2023, 15:38

Type Values Removed Values Added
CPE cpe:2.3:a:microsoft:excel_2013_rt:-:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel_2010:*:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel_2007:-:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2013:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2010:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel:2007:*:*:*:*:*:*:*

Information

Published : 2017-11-15 03:29

Updated : 2024-11-21 03:08


NVD link : CVE-2017-11878

Mitre link : CVE-2017-11878

CVE.ORG link : CVE-2017-11878


JSON object : View

Products Affected

microsoft

  • office_compatibility_pack
  • excel
  • excel_viewer
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer