CVE-2017-11882

Published
View on NVD ↗
CVSS v3
7.8
HIGH
CVSS v2
9.3
HIGH
Affected
4
PROJECTS

Description

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.

embedi/CVE-2017-11882
embedi/CVE-2017-11882
Proof-of-Concept exploits for CVE-2017-11882
GitHubGitHub
495
0x09AL/CVE-2017-11882-metasploit
0x09AL/CVE-2017-11882-metasploit
This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.
GitHubGitHub
97
rip1s/CVE-2017-11882
rip1s/CVE-2017-11882
CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.
GitHubGitHub
332
rxwx/CVE-2017-11882
rxwx/CVE-2017-11882
Proof-of-Concept exploits for CVE-2017-11882
GitHubGitHub
41