The vulnerability of the Microsoft PowerPoint presentation preparation program, the Microsoft SharePoint Server corporate application package, and the Office Online Server web server is related to incorrect handling of objects in memory, allowing an attacker to execute arbitrary code.

🗓️ 17 Oct 2017 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Vulnerability in PowerPoint, SharePoint Server, and Office Online Server from improper in-memory object handling enabling remote code execution.

Reporter	Title	Published	Views	Family All 22
CNVD	Microsoft PowerPoint, SharePoint Enterprise Server and Office Online Server Remote Code Execution Vulnerability	13 Sep 201700:00	–	cnvd
CVE	CVE-2017-8743	13 Sep 201701:00	–	cve
Cvelist	CVE-2017-8743	13 Sep 201701:00	–	cvelist
Microsoft KB	Description of the security update for Office Online Server: September 12, 2017	12 Sep 201707:00	–	mskb
Microsoft KB	Description of the security update for PowerPoint 2016: September 12, 2017	12 Sep 201707:00	–	mskb
Microsoft KB	Description of the security update for SharePoint Server 2016: September 12, 2017	12 Sep 201707:00	–	mskb
Kaspersky	KLA11100 Multiple vulnerabilities in Microsoft Office	12 Sep 201700:00	–	kaspersky
Microsoft CVE	Microsoft PowerPoint Remote Code Execution Vulnerability	12 Sep 201707:00	–	mscve
NVD	CVE-2017-8743	13 Sep 201701:29	–	nvd
OpenVAS	Microsoft SharePoint Enterprise Server 2016 Multiple Vulnerabilities (KB4011127)	13 Sep 201700:00	–	openvas

Source	Link
securityfocus	www.securityfocus.com/bid/100746
securitytracker	www.securitytracker.com/id/1039323
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8743
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

7.6High risk

Vulners AI Score7.6

CVSS 37.8

CVSS 29.3

EPSS0.21319

PowerPoint vulnerability SharePoint Server Office Online Server in memory handling remote code execution