Home

CVE-2017-0199

Description

Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
94.327

Associated Vulnerability

VulnerabilityOS Platform
Internet Explorer Elevation of Privilege Vulnerability for Windows Server 2012 (KB4015551) - Petya ransomware attack (CVE-2017-0199)Windows
LDAP Elevation of Privilege Vulnerability for Windows Server 2012 (KB4015548) - Petya ransomware attack (CVE-2017-0199)Windows
Internet Explorer Elevation of Privilege Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB4015549) - Petya ransomware attack (CVE-2017-0199)Windows
Internet Explorer Elevation of Privilege Vulnerability for Windows 7 for x64-based Systems (KB4015549) - - Petya ransomware attack (CVE-2017-0199)Windows
Internet Explorer Elevation of Privilege Vulnerability for Windows 7 (KB4015549) - Petya ransomware attack (CVE-2017-0199)Windows
LDAP Elevation of Privilege Vulnerability for Windows Server 2008 R2 for x64-based Systems (KB4015546) - Petya ransomware attack (CVE-2017-0199)Windows
LDAP Elevation of Privilege Vulnerability for Windows 7 for x64-based Systems (KB4015546) - Petya ransomware attack (CVE-2017-0199)Windows
LDAP Elevation of Privilege Vulnerability for Windows 7 (KB4015546) - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for the microsoft office remote code execution vulnerability: april 11, 2017 for Windows Server 2008 for x64-based Systems (KB4014793) - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for the microsoft office remote code execution vulnerability: april 11, 2017 for Windows Server 2008 (KB4014793) - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for the microsoft office remote code execution vulnerability: april 11, 2017 for Windows Vista for x64-based Systems (KB4014793) - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for the microsoft office remote code execution vulnerability: april 11, 2017 for Windows Vista (KB4014793) - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for Microsoft Office 2013 (KB3178710) 64-Bit Edition - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for Microsoft Office 2013 (KB3178710) 32-Bit Edition - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for Microsoft Office 2007 suites (KB3141529) - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for Microsoft Office 2016 (KB3178703) 64-Bit Edition - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for Microsoft Office 2016 (KB3178703) 32-Bit Edition - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for Microsoft Office 2010 (KB3141538) 64-Bit Edition - Petya ransomware attack (CVE-2017-0199)Windows
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows for Microsoft Office 2010 (KB3141538) 32-Bit Edition - Petya ransomware attack (CVE-2017-0199)Windows
Multiple Vulnerabilities are affected in Philips IntelliSpace Portal 8.0Windows
Vulnerabilities CVE-2017-0143,CVE-2017-0199 are affected in Philips IntelliSpace Portal 7.0Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-22220April, 2017 Security Monthly Quality Rollup for Windows Server 2012 (KB4015551) - Petya ransomware attack (CVE-2017-0199)
PATCH-22280April, 2017 Security Only Quality Update for Windows Server 2012 (KB4015548) - Petya ransomware attack (CVE-2017-0199)
PATCH-22216April, 2017 Security Monthly Quality Rollup for Windows Server 2008 R2 for x64-based Systems (KB4015549) - Petya ransomware attack (CVE-2017-0199)
PATCH-22215April, 2017 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4015549) - - Petya ransomware attack (CVE-2017-0199)
PATCH-22214April, 2017 Security Monthly Quality Rollup for Windows 7 (KB4015549) - Petya ransomware attack (CVE-2017-0199)
PATCH-22276April, 2017 Security Only Quality Update for Windows Server 2008 R2 for x64-based Systems (KB4015546) - Petya ransomware attack (CVE-2017-0199)
PATCH-22275April, 2017 Security Only Quality Update for Windows 7 for x64-based Systems (KB4015546) - Petya ransomware attack (CVE-2017-0199)
PATCH-22274April, 2017 Security Only Quality Update for Windows 7 (KB4015546) - Petya ransomware attack (CVE-2017-0199)
PATCH-22284Security Update for Windows Server 2008 for x64-based Systems (KB4014793) - Petya ransomware attack (CVE-2017-0199)
PATCH-22282Security Update for Windows Server 2008 (KB4014793) - Petya ransomware attack (CVE-2017-0199)
PATCH-22283Security Update for Windows Vista for x64-based Systems (KB4014793) - Petya ransomware attack (CVE-2017-0199)
PATCH-22281Security Update for Windows Vista (KB4014793) - Petya ransomware attack (CVE-2017-0199)
PATCH-22168Security Update for Microsoft Office 2013 (KB3178710) 64-Bit Edition - Petya ransomware attack (CVE-2017-0199)
PATCH-22169Security Update for Microsoft Office 2013 (KB3178710) 32-Bit Edition - Petya ransomware attack (CVE-2017-0199)
PATCH-22198Security Update for Microsoft Office 2016 (KB3178703) 64-Bit Edition - Petya ransomware attack (CVE-2017-0199)
PATCH-22197Security Update for Microsoft Office 2016 (KB3178703) 32-Bit Edition - Petya ransomware attack (CVE-2017-0199)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234