CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-11854

Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Word Memory Corruption Vulnerability".

Exploit prediction scoring system (EPSS) score

EPSS Score 0.179

EPSS Ranking 94.8%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.3

References

http://www.securityfocus.com/bid/101746
http://www.securitytracker.com/id/1039795
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11854
http://www.securityfocus.com/bid/101746
http://www.securitytracker.com/id/1039795
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11854

Products affected by CVE-2017-11854

Microsoft » Office » Version: 2010

cpe:2.3:a:microsoft:office:2010
Microsoft » Office Compatibility Pack » Version: N/A

cpe:2.3:a:microsoft:office_compatibility_pack:-
Microsoft » Word » Version: 2007

cpe:2.3:a:microsoft:word:2007
Microsoft » Word » Version: 2010

cpe:2.3:a:microsoft:word:2010

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-11854

Products

Pricing

Contact Us