| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.9 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as critical, has been found in Microsoft Office 2007 SP3/2010 SP2/2013 RT SP1/2013 SP1/2016. This affects an unknown part. Performing a manipulation results in memory corruption. This vulnerability was named CVE-2017-11826. The attack may be initiated remotely. In addition, an exploit is available. It is recommended to apply a patch to fix this issue.
Details
A vulnerability classified as critical has been found in Microsoft Office 2007 SP3/2010 SP2/2013 RT SP1/2013 SP1/2016 (Office Suite Software). This affects an unknown functionality. The manipulation with an unknown input leads to a memory corruption vulnerability. CWE is classifying the issue as CWE-119. The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. This is going to have an impact on confidentiality, integrity, and availability.
The bug was discovered 10/10/2017. The weakness was presented 10/10/2017 by Core Security with Core Security as KB3213648 as confirmed security update guide (Website). It is possible to read the advisory at portal.msrc.microsoft.com. This vulnerability is uniquely identified as CVE-2017-11826 since 07/31/2017. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. It demands that the victim is doing some kind of user interaction. Technical details are unknown but an exploit is available. The advisory points out:
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
It is declared as attacked. The vulnerability scanner Nessus provides a plugin with the ID 103784 (Security Updates for Microsoft Office Products (October 2017)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Windows : Microsoft Bulletins and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 110306 (Microsoft Office and Microsoft Office Services and Web Apps Security Update October 2017). The CISA Known Exploited Vulnerabilities Catalog lists this issue since 03/03/2022 with a due date of 03/24/2022:
Apply updates per vendor instructions.Applying the patch KB3213648 is able to eliminate this problem. The bugfix is ready for download at catalog.update.microsoft.com. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at Zero-Day.cz (477), Tenable (103784) and SecurityFocus (BID 101219†). See VDB-107698, VDB-107727, VDB-107728 and VDB-107729 for similar entries. Be aware that VulDB is the high quality source for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.microsoft.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.0VulDB Meta Temp Score: 6.9
VulDB Base Score: 6.3
VulDB Temp Score: 6.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 7.8
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Memory corruptionCWE: CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: Yes
Availability: 🔍
Status: Attacked
EPSS Score: 🔍
EPSS Percentile: 🔍
KEV Added: 🔍
KEV Due: 🔍
KEV Remediation: 🔍
KEV Ransomware: 🔍
KEV Notice: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 103784
Nessus Name: Security Updates for Microsoft Office Products (October 2017)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 802136
OpenVAS Name: Microsoft Office Word Viewer Remote Code Execution Vulnerability (KB4011236)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Zero-Day.cz: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Patch: KB3213648
Timeline
07/31/2017 🔍10/10/2017 🔍
10/10/2017 🔍
10/10/2017 🔍
10/10/2017 🔍
10/11/2017 🔍
10/11/2017 🔍
10/13/2017 🔍
09/09/2024 🔍
Sources
Vendor: microsoft.comAdvisory: KB3213648
Researcher: Core Security
Organization: Core Security
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2017-11826 (🔍)
GCVE (CVE): GCVE-0-2017-11826
GCVE (VulDB): GCVE-100-107703
OVAL: 🔍
SecurityFocus: 101219 - Microsoft Office CVE-2017-11826 Memory Corruption Vulnerability
SecurityTracker: 1039541
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 10/11/2017 23:38Updated: 09/09/2024 22:29
Changes: 10/11/2017 23:38 (79), 11/23/2019 15:40 (7), 01/16/2021 09:47 (3), 04/23/2024 18:36 (27), 07/05/2024 18:19 (2), 07/17/2024 08:32 (1), 09/09/2024 22:29 (1)
Complete: 🔍
Cache ID: 216::103
Be aware that VulDB is the high quality source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.