CVE-2017-0108
published 2017-03-17CVE-2017-0108: The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007…
high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EXPLOIT
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | live_meeting | — | — |
| microsoft | lync | — | — |
| microsoft | lync | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | silverlight | — | — |
| microsoft | skype_for_business | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
| microsoft_corporation | windows_graphics_component | — | — |
| msrc | microsoft_lync_2010 | — | — |
| msrc | microsoft_lync_2010_attendee | — | — |
| msrc | microsoft_lync_2013_service_pack_1 | — | — |
| msrc | microsoft_lync_basic_2013_service_pack_1 | — | — |
| msrc | microsoft_office_2007_service_pack_3 | — | — |
| msrc | microsoft_office_2010_service_pack_2 | — | — |
| msrc | microsoft_office_word_viewer | — | — |
| msrc | microsoft_silverlight_5_developer_runtime_when_installed | — | — |
| msrc | microsoft_silverlight_5_when_installed | — | — |
| msrc | skype | — | — |
| msrc | windows_7 | — | — |
| msrc | windows_server_2008 | — | — |
| msrc | windows_server_2008_r2 | — | — |