Home

CVE-2017-8506

Description

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka Office Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-0260.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
33.91

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Outlook 2016 (KB3191932) 64-Bit EditionWindows
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Outlook 2016 (KB3191932) 32-Bit EditionWindows
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Outlook 2013 (KB3191938) 64-Bit EditionWindows
Microsoft Outlook Security Feature Bypass Vulnerability for Microsoft Outlook 2013 (KB3191938) 32-Bit EditionWindows
Microsoft Outlook Remote Code Execution Vulnerability for Microsoft Outlook 2010 (KB3203467) 32-Bit EditionWindows
Microsoft Outlook Remote Code Execution Vulnerability for Microsoft Outlook 2010 (KB3203467) 64-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-22634Security Update for Microsoft Outlook 2016 (KB3191932) 64-Bit Edition
PATCH-22633Security Update for Microsoft Outlook 2016 (KB3191932) 32-Bit Edition
PATCH-22650Security Update for Microsoft Outlook 2013 (KB3191938) 64-Bit Edition
PATCH-22649Security Update for Microsoft Outlook 2013 (KB3191938) 32-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234