CVE-2017-11884: Buffer Overflow
First published: Wed Nov 15 2017(Updated: )
Microsoft Excel 2016 Click-to-Run (C2R) allows an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11882.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office Excel | =2016 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-11884?
CVE-2017-11884 is rated as a moderate severity vulnerability due to its potential to allow arbitrary code execution.
How do I fix CVE-2017-11884?
To fix CVE-2017-11884, users should ensure that Microsoft Excel 2016 is updated to the latest version provided by Microsoft.
What are the potential impacts of CVE-2017-11884?
CVE-2017-11884 can allow an attacker to execute arbitrary code in the context of the current user, leading to unauthorized access or data compromise.
Who is affected by CVE-2017-11884?
CVE-2017-11884 primarily affects users of Microsoft Excel 2016 Click-to-Run on various platforms.
How can I determine if my system is vulnerable to CVE-2017-11884?
You can determine if your system is vulnerable to CVE-2017-11884 by checking the version of Microsoft Excel you are running and verifying if it is up to date.
- agent/type
- agent/remedy
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft office excel
- version/microsoft office excel/2016