Lucene search

PRIOn knowledge basePRION:CVE-2017-0105

HistoryMar 17, 2017 - 12:59 a.m.

Information disclosure

2017-03-1700:59:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.938 High

EPSS

Percentile

99.1%

JSON

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from out-of-bound memory via a crafted Office document, aka “Microsoft Office Information Disclosure Vulnerability.”

CPENameOperatorVersion
officeeq2010 sp2
office_compatibility_packeq- sp3
office_web_appseq2010 sp2
sharepoint_servereq2010 sp2
wordeq2007 sp3
word_for_maceq2011

Name	Operator	Version
office	eq	2010 sp2
office_compatibility_pack	eq	- sp3
office_web_apps	eq	2010 sp2
sharepoint_server	eq	2010 sp2
word	eq	2007 sp3
word_for_mac	eq	2011

References

www.securityfocus.com/bid/96746

www.securitytracker.com/id/1038010

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0105

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

5 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.938 High

EPSS

Percentile

99.1%

JSON

Related for PRION:CVE-2017-0105