High severity7.8NVD Advisory· Published Mar 17, 2017· Updated May 13, 2026

CVE-2017-0030

Description

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053.

Affected products

Microsoft/Office2 versions
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
- (no CPE)range: Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2
Microsoft/Office Compatibility Pack
cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
Microsoft/Office Web Apps
cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*
Microsoft/Sharepoint Server
cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*
Microsoft/Word2 versions
cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0030nvdPatchVendor Advisory
www.securityfocus.com/bid/96051nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038010nvd

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.022
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000