CVE-2017-8570
Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- May 03, 2017
- Published Date
- July 11, 2017
- Last Updated
- February 10, 2025
- Vendor
- Microsoft
- Product
- Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, and Microsoft Office 2016.
- Description
- Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243.
- Tags
- Exploitation
- active
- Technical Impact
- total
CVSS Scores
CVSS v3.1
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS v2.0
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
SSVC Information
References
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2022-02-25 00:00:00 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
erfze/CVE-2017-8570
Type: github • Created: 2020-08-06 09:12:37 UTC • Stars: 1
sasqwatch/CVE-2017-8570
Type: github • Created: 2019-05-08 20:53:27 UTC • Stars: 0
Drac0nids/CVE-2017-8570
Type: github • Created: 2019-01-03 15:12:39 UTC • Stars: 3
SwordSheath/CVE-2017-8570
Type: github • Created: 2018-04-08 10:07:17 UTC • Stars: 5
MaxSecurity/Office-CVE-2017-8570
Type: github • Created: 2018-02-26 04:41:24 UTC • Stars: 0
rxwx/CVE-2017-8570
Type: github • Created: 2018-01-09 19:09:33 UTC • Stars: 186
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Proof of Concept Exploit Available
-
Added to KEVIntel