CVE-2017-8509

high Microsoft
CVSS v3 Base Score
8.8
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
5.6%
Exploitation probability in 30 days
Top 10% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Confidentiality
High
Integrity
High
Availability
High
Published: June 15, 2017 (3256 days ago)
Last Modified: May 13, 2026
Vendor: Microsoft
Source: NVD

Description

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.

CWE

NVD-CWE-noinfo

Affected Products

microsoft officemicrosoft office compatibility packmicrosoft office web appsmicrosoft office web apps servermicrosoft onenotemicrosoft sharepoint servermicrosoft wordmicrosoft word for mac

References

🔗 www.securityfocus.com 🔗 portal.msrc.microsoft.com 🔗 www.securityfocus.com 🔗 portal.msrc.microsoft.com