CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-0199

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score42.1860%
EPSS Percentile97.32th
Published2017年4月12日
Last Modified2026年4月22日

Vulnerability Description

Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API."

Affected Platforms (CPE)

📦
Microsoft

Office

= 2007
📦
Microsoft

Office

= 2010
📦
Microsoft

Office

= 2013
📦
Microsoft

Office

= 2016
💻
Microsoft

Windows 7

All versions
💻
Microsoft

Windows Server 2008

All versions
💻
Microsoft

Windows Server 2008

= r2
💻
Microsoft

Windows Server 2012

All versions
💻
Microsoft

Windows Vista

All versions
📦
Philips

Intellispace Portal

= 7.0
📦
Philips

Intellispace Portal

= 8.0

References & Advisories

🔗 http://rewtin.blogspot.nl/2017/04/cve-2017-0199-practical-exploitation-poc.html
🔗 http://www.securityfocus.com/bid/97498
🔗 http://www.securitytracker.com/id/1038224
🔗 https://blog.nviso.be/2017/04/12/analysis-of-a-cve-2017-0199-malicious-rtf-document/
🔗 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
🔗 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199
🔗 https://www.exploit-db.com/exploits/41894/
🔗 https://www.exploit-db.com/exploits/41934/

関連する脆弱性情報

CVE-2001-122310.0

The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers...

CVE-2001-126010.0

Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator pri...

CVE-2000-085410.0

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.d...

CVE-2007-111710.0

Unspecified vulnerability in Publisher 2007 in Microsoft Office 2007 allows remote attackers to execute arbitrary code via unspeci...