Lucene search
Lucas Leong of Trend MicroZDI-17-730HistorySep 12, 2017 - 12:00 a.m.
Microsoft Office Word WordPerfect Document Converter Heap-based Buffer Overflow Remote Code Execution Vulnerability
2017-09-1200:00:00
Lucas Leong of Trend Micro
www.zerodayinitiative.com
22
EPSS
0.27
Percentile
96.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the converter for WordPerfect documents. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the process.
Related
openvas
openvas
symantec
symantec
Microsoft Office CVE-2017-8744 Remote Code Execution Vulnerability
2017-09-12 00:00:00
mscve
mscve
Microsoft Office Remote Code Execution Vulnerability
2017-09-12 07:00:00
checkpoint_advisories
checkpoint_advisories
mskb
mskb
Description of the security update for Office 2013: September 12, 2017
2017-09-12 07:00:00
Description of the security update for 2007 Microsoft Office Suite: September 12, 2017
2017-09-12 07:00:00
Description of the security update for Office 2016: September 12, 2017
2017-09-12 07:00:00
cve
cve
cvelist
cvelist
nvd
nvd
prion
prion
Remote code execution
2017-09-13 01:29:00
Remote code execution
2017-09-13 01:29:00
Remote code execution
2017-09-13 01:29:00
nessus
nessus
Security Updates for Microsoft Office Products (September 2017)
2017-09-12 00:00:00
kaspersky
kaspersky
KLA11100 Multiple vulnerabilities in Microsoft Office
2017-09-12 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - September 2017
2017-09-12 15:41:00
trendmicroblog
trendmicroblog