CVE-2017-11825

Sažetak

Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code Execution Vulnerability".

Reference

http://www.securityfocus.com/bid/101124
http://www.securitytracker.com/id/1039539
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11825

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

16-03-2018 - 14:03

Objavljeno

13-10-2017 - 13:29