Home

CVE-2017-0106

Description

Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka Microsoft Office Memory Corruption Vulnerability.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
10.809

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Office Outlook 2007 (KB3127890)Windows
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Outlook 2016 (KB3178664) 64-Bit EditionWindows
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Outlook 2016 (KB3178664) 32-Bit EditionWindows
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Outlook 2013 (KB3172519) 64-Bit EditionWindows
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Outlook 2013 (KB3172519) 32-Bit EditionWindows
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Outlook 2010 (KB3118388) 64-Bit EditionWindows
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Outlook 2010 (KB3118388) 32-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-22174Security Update for Microsoft Office Outlook 2007 (KB3127890)
PATCH-22176Security Update for Microsoft Outlook 2016 (KB3178664) 64-Bit Edition
PATCH-22175Security Update for Microsoft Outlook 2016 (KB3178664) 32-Bit Edition
PATCH-22180Security Update for Microsoft Outlook 2013 (KB3172519) 64-Bit Edition
PATCH-22179Security Update for Microsoft Outlook 2013 (KB3172519) 32-Bit Edition
PATCH-22178Security Update for Microsoft Outlook 2010 (KB3118388) 32-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234