cbcvebase.
CVE-2017-0204
published 2017-04-12

CVE-2017-0204: Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office…

PriorityP335medium5.5CVSS 3.0
AVLACLPRNUIRSUCNIHAN
EPSS
19.01%
97.0th percentile
Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability."

Affected

9 ranges
VendorProductVersion rangeFixed in
microsoftoutlook
microsoftoutlook
microsoftoutlook
microsoftoutlook
microsoft_corporationoutlook
msrcmicrosoft_outlook_2007_service_pack_3
msrcmicrosoft_outlook_2010_service_pack_2
msrcmicrosoft_outlook_2013_service_pack_1
msrcmicrosoft_outlook_2016

CVSS provenance

nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_msrc5.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.