VYPR
High severity7.8NVD Advisory· Published Mar 17, 2017· Updated Jun 17, 2026

CVE-2017-0030

CVE-2017-0030

Description

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053.

Affected products

10
  • Microsoft/Office2 versions
    cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
    • (no CPE)range: Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2
  • cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
    • (no CPE)range: SP3
  • cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*
  • Microsoft/Word3 versions
    cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*
    • (no CPE)range: 2007 SP3, 2010 SP2
  • Range: SP2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.