VDB
CVE-2017-0262
CVE-2017-0262
PUBLISHED
KEV
CVSS 9.300000190734863 CRITICAL
Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281.
EPSS 65.00% · 98.5th percentile
Risk Scores
CVSS 2.0
9.300000190734863
EPSS Score
65.00%
98.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| microsoft | office | 2016, 2010, 2013 |
| Microsoft Corporation | Microsoft Office | Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 |
Exploit Intelligence
- homjxi0e/CVE-2017-0290- (github-poc)
- homjxi0e/CVE-2017-0290- (github-poc)
- homjxi0e/CVE-2017-0290- (github-poc)
- homjxi0e/CVE-2017-0290- (github-poc)
- homjxi0e/CVE-2017-0290- (github-poc)
- homjxi0e/CVE-2017-0290- (github-poc)
- CVE-2017-8570 Exp及利用样本分析 (github-poc)
- CVE-2017-8570 Exp及利用样本分析 (github-poc)
- CVE-2017-8570 Exp及利用样本分析 (github-poc)
- CVE-2017-8570 Exp及利用样本分析 (github-poc)
…and 42 more exploits
Timeline
- May 9, 2017 PoC Published
- May 9, 2017 PoC Published
- May 11, 2017 PoC Published
- May 12, 2017 CVE Published
- Aug 27, 2017 PoC Published
- Feb 21, 2018 PoC Published
- Oct 9, 2020 PoC Published
- Oct 9, 2020 PoC Published
- Oct 9, 2020 PoC Published
- Oct 9, 2020 PoC Published
- Apr 14, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
References
- 98279 vdb
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262 url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-0262 url
- https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory
- https://portal.msrc.microsoft.com/fr-fr/security-guidance/releasenotedetail/bc365363-f51e-e711-80da-000d3a32fc99 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2017-0262 advisory