High severity7.8NVD Advisory· Published Apr 12, 2017· Updated Jun 17, 2026
CVE-2017-0106
CVE-2017-0106
Description
Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
Affected products
8cpe:2.3:a:microsoft:outlook:2007:sp3:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:microsoft:outlook:2007:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*
- (no CPE)range: 2010 SP2, 2013 SP1, 2016
Patches
Vulnerability mechanics
References
3- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0106nvdPatchVendor Advisory
- www.securityfocus.com/bid/97413nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038227nvd
News mentions
0No linked articles in our index yet.