CVE-2017-0031
high
Microsoft CVSS v3 Base Score
7.8
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
21.9%
Exploitation probability in 30 days
Top 4% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Confidentiality
High
Integrity
High
Availability
High
Vulnerability Report
Generated by CyberWatcher
Description
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0030, CVE-2017-0052, and CVE-2017-0053.
CWE
CWE-119Affected Products
microsoft officemicrosoft office compatibility packmicrosoft word