Microsoft Office Remote Code Execution (CVE-2017-0261)

A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...

Remote code execution

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013 SP1, Sharepoint...

CVE-2017-0261

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0262 and CVE-2017-0281...

CVE-2017-0261

Microsoft Office remote code execution vulnerability (CVE-2017-0261) affects Office 2010 SP2, 2013 SP1, and 2016. Root cause: improper handling of in-memory objects while parsing specially crafted files (EPS/Office formats). Exploitation involves convincing a user to open a crafted file, enabling...

CVE-2017-0281

CVE-2017-0281 / CVE-2017-0262 describe a remote code execution flaw in Microsoft Office and related components triggered by memory handling errors while processing specially crafted Office files (EPS in particular). Affected products include Office 2010 SP2, Office 2013 SP1, Office 2016, and broa...

Microsoft Office Suite Remote Code Execution Vulnerabilities (KB3172458)

This host is missing an important security update for Microsoft Office Suite according to Microsoft KB3172458 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier...

CVE-2017-0261

creationtimestamp| type| source ---|---|--- 2017-05-09 18:26:18+00:00| seen| MISP/59120865-27e0-4e6d-9b74-4a9f950d210f 2017-08-27 05:51:40+00:00| seen| MISP/59a25cc4-e870-4bef-a7d1-48a802de0b81 2018-04-11 13:46:56+00:00| seen| MISP/5ace0cf8-de70-4e7b-85bf-7a34ac12042b 2020-10-09 16:41:22+00:00|...

EPS Processing Zero-Days Exploited by Multiple Threat Actors

In 2015, FireEye published details about two attacks exploiting vulnerabilities in Encapsulated PostScript EPS of Microsoft Office. One was a zero-day and one was patched weeks before the attack launched. Recently, FireEye identified three new zero-day vulnerabilities in Microsoft Office products...