CVE-2017-8742

CWE-119Buffer Overflow4 documents4 sources
Severity
7.8HIGH
EPSS
36.5%
top 2.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Microsoft Corporation Microsoft OfficeMicrosoft Office WEB AppsMicrosoft Office WEB Apps Server+4 more
Timeline
PublishedSep 13
Latest updateMay 17

Description

A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 when they fail to proper

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages7 packages

NVDmicrosoft/powerpoint4 versions+3

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-x9cj-35rq-fj52: A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoi2022-05-17
CVEList
CVE-2017-8742: A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoi2017-09-13

📋Vendor Advisories

1
Microsoft
Microsoft PowerPoint Remote Code Execution Vulnerability2017-09-12
CVE-2017-8742 (HIGH CVSS 7.8) | A remote code execution vulnerabili | cvebase.io