CVE-2017-11774
CVE-2017-11774
In short
Microsoft Outlook versions 2010, 2013, and 2016 have a flaw that allows attackers to run malicious commands by exploiting how the application handles objects in memory. This bypasses security protections that normally block such attacks.
Technical detail
The vulnerability exists in Microsoft Outlook's memory object handling mechanism, allowing attackers to bypass security features and achieve arbitrary command execution. Exploitation requires crafted input delivered through Outlook, with impact limited by the privileges of the affected user account. CWE-119 (Buffer Overflow) is the underlying memory safety issue enabling the bypass.
Summary generated and translated by AI from the official description.
Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Microsoft Corporation · Microsoft Outlookpublic PoCs found — 1
githubgithub.com/devcoinfet/SniperRoost★ 1⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11774https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-11774http://www.securityfocus.com/bid/101098http://www.securitytracker.com/id/1039542