CVE-2017-11882

CVE Database · CVE-2017-11882

CVE-2017-11882

· HIGHAnalyzed

CVSS v3.1

7.8

EPSS

99.94%

Published

Nov 15, 2017

Modified

Apr 22, 2026

CISA Known Exploited Vulnerability

Added: 2021-11-03 · Due: 2022-05-03

Apply updates per vendor instructions.

Public PoC / Exploit (10)

All weaponized →

Exploit-DBMicrosoft Office - OLE Remote Code Execution TrickestTrickest PoC index GitHub PoCRidter/CVE-2017-11882★538 GitHub PoCembedi/CVE-2017-11882★494 GitHub PoCrip1s/CVE-2017-11882★329 GitHub PoCrxwx/CVE-2018-0802★269 GitHub PoCRidter/RTF_11882_0802★166 GitHub PoC0x09AL/CVE-2017-11882-metasploit★98 GitHub PoCstarnightcyber/CVE-2017-11882★44 GitHub PoCBlackMathIT/2017-11882_Generator★35

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-119CWE-119

Affected Products (4)

microsoft · officevulnerable

References (20)

http://reversingminds-blog.logdown.com/posts/3907313-fileless-attack-in-word-without-macros-cve-2017-11882

ExploitThird Party Advisory

http://www.securityfocus.com/bid/101757

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039783

Third Party AdvisoryVDB Entry

https://0patch.blogspot.com/2017/11/did-microsoft-just-manually-patch-their.html

ExploitThird Party Advisory

https://0patch.blogspot.com/2017/11/official-patch-for-cve-2017-11882-meets.html

ExploitPatch

KEV Catalog EPSS Scores Vendors All CVEs