CVE-2017-0020
published 2017-03-17CVE-2017-0020: Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial…
high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0030, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053.
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | excel | — | — |
| microsoft | excel | — | — |
| microsoft | excel | — | — |
| microsoft | excel | — | — |
| microsoft | office | — | — |
| microsoft | office_web_apps | — | — |
| microsoft | office_web_apps | — | — |
| microsoft | sharepoint_server | — | — |
| microsoft | sharepoint_server | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft_corporation | office | — | — |
| msrc | microsoft_excel_2010_service_pack_2 | — | — |
| msrc | microsoft_excel_2013_rt_service_pack_1 | — | — |
| msrc | microsoft_excel_2013_service_pack_1 | — | — |
| msrc | microsoft_excel_2016 | — | — |
| msrc | microsoft_excel_2016_for_mac | — | — |
| msrc | microsoft_office_web_apps_server_2013_service_pack_1 | — | — |