CVE-2017-8588
published 2017-07-11CVE-2017-8588: Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511…
PriorityP342high7CVSS 3.0
AVLACHPRNUIRSUCHIHAH
EPSS
17.21%
96.7th percentile
Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it parses specially crafted files, aka "WordPad Remote Code Execution Vulnerability".
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1511 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1703 | — | — |
| msrc | windows_7 | — | — |
| msrc | windows_8.1 | — | — |
| msrc | windows_rt_8.1 | — | — |
| msrc | windows_server_2008 | — | — |
| msrc | windows_server_2008_r2 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.07.0HIGHCVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
vendor_msrc6.7MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-6m62-mw5m-m6jc: Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8
ghsa_unreviewed·2022-05-13
CVE-2017-8588 [HIGH] GHSA-6m62-mw5m-m6jc: Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8
Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it parses specially crafted files, aka "WordPad Remote Code Execution Vulnerability".
Microsoft
WordPad Remote Code Execution Vulnerability
vendor_msrc·2017-07-11·CVSS 6.7
CVE-2017-8588 [HIGH] WordPad Remote Code Execution Vulnerability
WordPad Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft WordPad parses specially crafted files.
Exploitation of this vulnerability requires that a user open a specially crafted file with an affected version of Microsoft WordPad. In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted file to the user and then convincing the user to open the file.
The update addresses the vulnerability by correcting the way that Microsoft WordPad parses specially crafted files, and by enabling API functionality in Windows that Microsoft WordPad will leverage to resolve the identified issue.
Microsoft WordPad: Microsoft WordPad
Impact: Remote Code Execution
Exploit Status: Publicly Disc
No detection rules found.
No public exploits indexed.
http://www.securityfocus.com/bid/99400http://www.securitytracker.com/id/1038857https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8588http://www.securityfocus.com/bid/99400http://www.securitytracker.com/id/1038857https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8588
2017-07-11
Published