Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2017-0281 | First vendor Publication | 2017-05-12 |
Vendor | Cve | Last vendor Modification | 2019-10-03 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 7.8 | ||
Base Score | 7.8 | Environmental Score | 7.8 |
impact SubScore | 5.9 | Temporal Score | 7.8 |
Exploitabality Sub Score | 1.8 | ||
Attack Vector | Local | Attack Complexity | Low |
Privileges Required | None | User Interaction | Required |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, Sharepoint Server 2010 SP2, Word 2016, and Skype for Business 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0262. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0281 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 | |
Application | 1 | |
Application | 2 | |
Application | 1 | |
Application | 1 | |
Application | 3 | |
Application | 1 | |
Application | 1 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-05-10 | Name : An application installed on the remote Windows host is affected by multiple v... File : smb_nt_ms17_may_office.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Source | Url |
---|---|
BID | http://www.securityfocus.com/bid/98297 |
CONFIRM | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0281 |
Alert History
Date | Informations |
---|---|
2024-02-02 01:42:43 |
|
2024-02-01 12:12:02 |
|
2023-09-05 12:40:46 |
|
2023-09-05 01:11:46 |
|
2023-09-02 12:40:33 |
|
2023-09-02 01:12:02 |
|
2023-08-12 12:43:59 |
|
2023-08-12 01:11:32 |
|
2023-08-11 12:38:40 |
|
2023-08-11 01:11:51 |
|
2023-08-06 12:37:23 |
|
2023-08-06 01:11:31 |
|
2023-08-04 12:37:33 |
|
2023-08-04 01:11:35 |
|
2023-07-14 12:37:35 |
|
2023-07-14 01:11:34 |
|
2023-03-29 01:39:22 |
|
2023-03-28 12:11:52 |
|
2022-10-11 12:33:33 |
|
2022-10-11 01:11:30 |
|
2021-05-04 12:55:08 |
|
2021-04-22 02:07:29 |
|
2020-05-23 00:54:11 |
|
2019-10-03 09:19:46 |
|
2017-05-26 00:22:01 |
|
2017-05-16 09:22:06 |
|
2017-05-12 21:23:47 |
|