Home

CVE-2017-8744

Description

A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, and Microsoft Excel 2016 when they fail to properly handle objects in memory, aka Microsoft Office Memory Corruption Vulnerability. This CVE ID is unique from CVE-2017-8630, CVE-2017-8632, and CVE-2017-8731.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
22.842

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2010 (KB3213626) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2016 (KB3213551) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2016 (KB3213551) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2010 (KB3213626) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2013 (KB3213564) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2013 (KB3213564) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office 2007 suites (KB3213646)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-23097Security Update for Microsoft Office 2010 (KB3213626) 32-Bit Edition
PATCH-23099Security Update for Microsoft Office 2016 (KB3213551) 32-Bit Edition
PATCH-23100Security Update for Microsoft Office 2016 (KB3213551) 64-Bit Edition
PATCH-23102Security Update for Microsoft Office 2010 (KB3213626) 64-Bit Edition
PATCH-23109Security Update for Microsoft Office 2013 (KB3213564) 64-Bit Edition
PATCH-23110Security Update for Microsoft Office 2013 (KB3213564) 32-Bit Edition
PATCH-23168Security Update for Microsoft Office 2007 suites (KB3213646)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234