← back
CVE-2017-0108

CVE-2017-0108

EPSS 50.5%
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014.
Affected products
Microsoft Corporation · Windows Graphics Component
public PoCs found3
githubgithub.com/homjxi0e/CVE-2017-01082cve_referencewww.exploit-db.com/exploits/41647/unverifiedexploitdbwww.exploit-db.com/exploits/41647unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0108https://www.exploit-db.com/exploits/41647/http://www.securityfocus.com/bid/96722http://www.securitytracker.com/id/1038002