VDB
CVE-2017-11854
CVE-2017-11854
PUBLISHED
CVSS 8.800000190734863 HIGH
Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Word Memory Corruption Vulnerability".
EPSS 18.88% · 95.4th percentile
Risk Scores
CVSS 3.0
8.800000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
18.88%
95.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft Corporation | Microsoft Office | * |
| microsoft | office | 2010 |
| microsoft | office_compatibility_pack | |
| microsoft | word | 2007, 2010 |
Exploit Intelligence
- DONKEY0xSHOT/CVE-2017-11882-Blocker (github-poc)
- DONKEY0xSHOT/CVE-2017-11882-Blocker (github-poc)
- DONKEY0xSHOT/CVE-2017-11882-Blocker (github-poc)
- DONKEY0xSHOT/CVE-2017-11882-Blocker (github-poc)
- Simple PoC of CVE-2017-11882 (github-poc)
- Simple PoC of CVE-2017-11882 (github-poc)
- Simple PoC of CVE-2017-11882 (github-poc)
- Simple PoC of CVE-2017-11882 (github-poc)
- CVE-2017-11882 Preventer for .docx files (github-poc)
- CVE-2017-11882 Preventer for .docx files (github-poc)
…and 153 more exploits
Timeline
- Nov 15, 2017 CVE Published
- Nov 23, 2017 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- Mar 7, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score