Home

CVE-2017-11877

Description

Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for Mac allow a security feature bypass by not enforcing macro settings on an Excel document, aka Microsoft Excel Security Feature Bypass Vulnerability.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
11.994

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Office Excel Security Feature Bypass for Microsoft Office Compatibility Pack Service Pack 3 (KB4011205)Windows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2010 (KB4011197) 64-Bit EditionWindows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2010 (KB4011197) 32-Bit EditionWindows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2016 (KB4011220) 64-Bit EditionWindows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2016 (KB4011220) 32-Bit EditionWindows
Microsoft Office Excel Security Feature Bypass for Microsoft Office Excel Viewer 2007 (KB4011206)Windows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2013 (KB4011233) 64-Bit EditionWindows
Microsoft Office Excel Security Feature Bypass for Microsoft Excel 2013 (KB4011233) 32-Bit EditionWindows
Microsoft Office Excel Security Feature Bypass for Microsoft Office Excel 2007 (KB4011199)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-23481Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB4011205)
PATCH-23472Security Update for Microsoft Excel 2010 (KB4011197) 64-Bit Edition
PATCH-23471Security Update for Microsoft Excel 2010 (KB4011197) 32-Bit Edition
PATCH-23450Security Update for Microsoft Excel 2016 (KB4011220) 64-Bit Edition
PATCH-23449Security Update for Microsoft Excel 2016 (KB4011220) 32-Bit Edition
PATCH-23479Security Update for Microsoft Office Excel Viewer 2007 (KB4011206)
PATCH-23458Security Update for Microsoft Excel 2013 (KB4011233) 64-Bit Edition
PATCH-23457Security Update for Microsoft Excel 2013 (KB4011233) 32-Bit Edition
PATCH-23478Security Update for Microsoft Office Excel 2007 (KB4011199)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234