CVE-2017-8506

Published: Jun 15, 2017Modified: May 13, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-0260.

Affected (4)

Products: Microsoft: Outlook

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Microsoft Outlook	Version 2010 sp2
Microsoft Outlook	Version 2013 sp1
Microsoft Outlook	Version 2013 sp1
Microsoft Outlook	Version 2016

References (6)

http://www.securityfocus.com/bid/98811

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1038666

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8506

Source: secure@microsoft.com

PatchVendor Advisory

http://www.securityfocus.com/bid/98811

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1038666

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8506

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.