Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2017-0030 | First vendor Publication | 2017-03-16 |
Vendor | Cve | Last vendor Modification | 2017-07-12 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 7.8 | ||
Base Score | 7.8 | Environmental Score | 7.8 |
impact SubScore | 5.9 | Temporal Score | 7.8 |
Exploitabality Sub Score | 1.8 | ||
Attack Vector | Local | Attack Complexity | Low |
Privileges Required | None | User Interaction | Required |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0030 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 1 | |
Application | 2 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-04-14 | Microsoft Office Word out of bounds read attempt RuleID : 41982 - Revision : 3 - Type : FILE-OFFICE |
2017-04-14 | Microsoft Office Word out of bounds read attempt RuleID : 41981 - Revision : 3 - Type : FILE-OFFICE |
2017-04-12 | Microsoft Office Excel shared strings memory corruption attempt RuleID : 41980 - Revision : 4 - Type : FILE-OFFICE |
2017-04-12 | Microsoft Office Excel shared strings memory corruption attempt RuleID : 41979 - Revision : 4 - Type : FILE-OFFICE |
2017-04-12 | Microsoft Office Excel shared strings memory corruption attempt RuleID : 41977 - Revision : 4 - Type : FILE-OFFICE |
2017-04-12 | Microsoft Office Excel shared strings memory corruption attempt RuleID : 41976 - Revision : 4 - Type : FILE-OFFICE |
2017-04-12 | Microsoft Office Word 2010 use-after-free memory corruption vulnerability att... RuleID : 41965 - Revision : 4 - Type : FILE-OFFICE |
2017-04-12 | Microsoft Office Word 2010 use-after-free memory corruption vulnerability att... RuleID : 41964 - Revision : 4 - Type : FILE-OFFICE |
2017-04-12 | Microsoft Office Word template remote code execution attempt RuleID : 41963 - Revision : 2 - Type : FILE-OFFICE |
2017-04-12 | Microsoft Office Word template remote code execution attempt RuleID : 41962 - Revision : 2 - Type : FILE-OFFICE |
2017-04-04 | Microsoft Internet Explorer loadXML parseError.errorCode information disclosu... RuleID : 41798 - Revision : 2 - Type : BROWSER-IE |
2017-04-04 | Microsoft Internet Explorer loadXML parseError.errorCode information disclosu... RuleID : 41797 - Revision : 2 - Type : BROWSER-IE |
2017-03-16 | Windows Uniscribe remote code execution vulnerability attempt RuleID : 41598 - Revision : 5 - Type : FILE-OTHER |
2017-03-16 | Windows Uniscribe remote code execution vulnerability attempt RuleID : 41597 - Revision : 5 - Type : FILE-OTHER |
2017-03-14 | Microsoft Office Excel malformed CellXF memory corruption attempt RuleID : 41582 - Revision : 5 - Type : FILE-OFFICE |
2017-03-14 | Microsoft Office Excel malformed CellXF memory corruption attempt RuleID : 41581 - Revision : 5 - Type : FILE-OFFICE |
2017-03-14 | Microsoft Office RTF footnote format use after free attempt RuleID : 41578 - Revision : 4 - Type : FILE-OFFICE |
2017-03-14 | Microsoft Office RTF footnote format use after free attempt RuleID : 41577 - Revision : 4 - Type : FILE-OFFICE |
2017-03-14 | Microsoft Office Excel xlsb use-after-free attempt RuleID : 41566 - Revision : 5 - Type : FILE-OFFICE |
2017-03-14 | Microsoft Office Excel xlsb use-after-free attempt RuleID : 41565 - Revision : 5 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-03-15 | Name : An application installed on the remote macOS or Mac OS X host is affected by ... File : macosx_ms17-014_office.nasl - Type : ACT_GATHER_INFO |
2017-03-15 | Name : An application installed on the remote host is affected by multiple vulnerabi... File : smb_nt_ms17-014.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Source | Url |
---|---|
BID | http://www.securityfocus.com/bid/96051 |
CONFIRM | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0030 |
SECTRACK | http://www.securitytracker.com/id/1038010 |
Alert History
Date | Informations |
---|---|
2021-05-04 12:55:02 |
|
2021-04-22 02:07:27 |
|
2020-05-23 00:54:08 |
|
2017-07-12 09:22:51 |
|
2017-03-23 21:22:56 |
|
2017-03-18 13:24:38 |
|
2017-03-18 09:24:24 |
|
2017-03-17 09:24:12 |
|