Lucene search
MicrosoftCVELIST:CVE-2017-0199HistoryApr 12, 2017 - 2:00 p.m.
CVE-2017-0199
2017-04-1214:00:00
microsoft
www.cve.org
1
Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka “Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API.”
CNA Affected
[
{
"product": "Office/WordPad",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8.1"
}
]
}
]References
rewtin.blogspot.nl/2017/04/cve-2017-0199-practical-exploitation-poc.html
www.securityfocus.com/bid/97498
www.securitytracker.com/id/1038224
blog.nviso.be/2017/04/12/analysis-of-a-cve-2017-0199-malicious-rtf-document/
ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199
www.exploit-db.com/exploits/41894/
www.exploit-db.com/exploits/41934/
www.exploit-db.com/exploits/42995/
www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199_useda.html
www.mdsec.co.uk/2017/04/exploiting-cve-2017-0199-hta-handler-vulnerability/
Related
packetstorm
packetstorm
Microsoft RTF Remote Code Execution
2017-04-19 00:00:00
Microsoft Office Word Malicious Hta Execution
2017-04-24 00:00:00
Microsoft Word MTA Handler Remote Code Execution
2017-06-27 00:00:00
fireeye
fireeye
openvas
openvas
Microsoft Office Suite Remote Code Execution Vulnerability (KB4014793)
2017-04-12 00:00:00
Microsoft Office Suite Remote Code Execution Vulnerability (KB3141538)
2017-04-12 00:00:00
Microsoft Office Suite Remote Code Execution Vulnerability (KB3178710)
2017-04-12 00:00:00
myhack58
myhack58
malwarebytes
malwarebytes
Fake IRS notice delivers customized spying tool
2017-09-21 15:00:24
Magecart Group 4: A link with Cobalt Group?
2019-10-03 15:00:00
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
2020-03-16 15:00:00
securelist
securelist
APT Trends report Q3 2017
2017-11-14 09:41:27
RevengeHotels: cybercrime targeting hotel front desks worldwide
2019-11-28 10:00:48
The BlueNoroff cryptocurrency hunt is still on
2022-01-13 09:00:23
zdt
zdt
Microsoft Office / WordPad Remote Code Execution Vulnerability
2017-04-16 00:00:00
Microsoft Word - .RTF Remote Code Execution Exploit
2017-04-19 00:00:00
Microsoft Excel - OLE Arbitrary Code Execution Exploit
2017-10-18 00:00:00
threatpost
threatpost
WikiLeaks Reveals CIA Tool 'Scribbles' For Document Tracking
2017-04-28 18:52:20
APT36 Taps Coronavirus as 'Golden Opportunity' to Spread Crimson RAT
2020-03-17 15:07:38
APT36 Taps Coronavirus as 'Golden Opportunity' to Spread Crimson RAT
2020-03-17 15:07:38
mskb
mskb
Description of the security update for Office 2016: April 11, 2017
2017-04-11 07:00:00
Description of the security update for Office 2010: April 11, 2017
2017-04-11 07:00:00
Description of the security update for Office 2013: April 11, 2017
2017-04-11 07:00:00
saint
saint
Microsoft Word and WordPad RTF HTA handler command execution
2017-04-20 00:00:00
Microsoft Word and WordPad RTF HTA handler command execution
2017-04-20 00:00:00
Microsoft Word and WordPad RTF HTA handler command execution
2017-04-20 00:00:00
talosblog
talosblog
New campaign uses government, union-themed lures to deliver Cobalt Strike beacons
2022-09-28 12:12:00
JhoneRAT: Cloud based python RAT targeting Middle Eastern countries
2020-01-19 02:58:29
Threat Round Up For Sept 8 - Sept 15
2017-09-15 13:10:00
thn
thn
Petya Ransomware Spreading Rapidly Worldwide, Just Like WannaCry
2017-06-27 03:32:00
Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo
2021-10-11 09:21:00
Not Just Criminals, But Governments Were Also Using MS Word 0-Day Exploit
2017-04-12 21:41:00
mscve
mscve
Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows
2017-04-11 07:00:00
metasploit
metasploit
Microsoft Office Word Malicious Hta Execution
2017-04-15 02:32:48
cisa_kev
cisa_kev
Microsoft Office and WordPad Remote Code Execution Vulnerability
2021-11-03 00:00:00
exploitpack
exploitpack
Microsoft Word - .RTF Remote Code Execution
2017-04-18 00:00:00
Microsoft Office - Composite Moniker Remote Code Execution
2018-01-09 00:00:00
cve
cve
CVE-2017-0199
2017-04-12 14:59:01
nessus
nessus
Security Update for Microsoft Office Products (April 2017) (Petya)
2017-04-12 00:00:00
attackerkb
attackerkb
CVE-2017-0199
2017-04-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Outlook Remote Code Execution (CVE-2017-0199)
2017-04-11 00:00:00
ics
ics
Dridex Malware
2020-06-30 12:00:00
Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks
2022-02-24 12:00:00
Top 10 Routinely Exploited Vulnerabilities
2020-05-12 12:00:00
cert
cert
Microsoft OLE URL Moniker improperly handles remotely-linked HTA data
2017-04-10 00:00:00
rapid7community
rapid7community
Patch Tuesday - April 2017
2017-04-12 03:13:07
Metasploit Weekly Wrapup
2017-05-05 20:37:48
seebug
seebug
Microsoft Office OLE2Link vulnerability (CVE-2017-0199)
2017-04-12 00:00:00
mssecure
mssecure
hivepro
hivepro
Actors, Threats and Vulnerabilities 08 to 14 May 2023
2023-05-16 06:27:25
prion
prion
Remote code execution
2017-04-12 14:59:00
nvd
nvd
CVE-2017-0199
2017-04-12 14:59:01
exploitdb
exploitdb
Microsoft Word - '.RTF' Remote Code Execution
2017-04-18 00:00:00
Microsoft Office - 'Composite Moniker Remote Code Execution
2018-01-09 00:00:00
avleonov
avleonov
Petya the Great and why *they* don’t patch vulnerabilities
2017-06-29 21:29:50
kaspersky
kaspersky
KLA11024 Defense-in-Depth Update for Microsoft Office
2017-04-11 00:00:00
KLA11059 Multiple vulnerabilities in Microsoft Windows
2017-04-11 00:00:00
canvas
canvas
Immunity Canvas: OFFICE_WSDL
2017-09-13 01:29:00
trellix
trellix
qualysblog
qualysblog