CVE-2017-8511
First published: Thu Jun 15 2017(Updated: )
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office | =2010-sp1 | |
| Microsoft Office | =2010-sp2 | |
| Microsoft Office | =2013-sp1 | |
| Microsoft Office | =2016 | |
| Microsoft Office Online Server | =2016 | |
| Microsoft Office Web Apps | =2010-sp2 | |
| Microsoft Office Web Apps Server 2013 | =2013-sp1 | |
| Microsoft PowerPoint for Mac | =2011 | |
| Microsoft PowerPoint for Mac | =2016 | |
| Microsoft SharePoint Server 2010 | =2013-sp1 | |
| Microsoft SharePoint Server 2010 | =2016 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-8511?
CVE-2017-8511 has been assigned a CVSS score indicating it is a critical vulnerability.
How do I fix CVE-2017-8511?
To fix CVE-2017-8511, users should apply the latest security updates from Microsoft for the affected software versions.
What types of software are affected by CVE-2017-8511?
CVE-2017-8511 affects various versions of Microsoft Office, including 2010, 2013, and 2016, as well as Microsoft PowerPoint for Mac and SharePoint Server.
What causes CVE-2017-8511?
CVE-2017-8511 is caused by improper handling of objects in memory by Microsoft Office software.
Can CVE-2017-8511 lead to remote code execution?
Yes, CVE-2017-8511 allows an attacker to execute arbitrary code remotely on an affected system.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/author
- agent/severity
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft office
- version/microsoft office/2010-sp1
- version/microsoft office/2010-sp2
- version/microsoft office/2013-sp1
- version/microsoft office/2016
- canonical/microsoft office online server
- version/microsoft office online server/2016
- canonical/microsoft office web apps
- version/microsoft office web apps/2010-sp2
- canonical/microsoft office web apps server 2013
- version/microsoft office web apps server 2013/2013-sp1
- canonical/microsoft powerpoint for mac
- version/microsoft powerpoint for mac/2011
- version/microsoft powerpoint for mac/2016
- canonical/microsoft sharepoint server 2010
- version/microsoft sharepoint server 2010/2013-sp1
- version/microsoft sharepoint server 2010/2016