High severity7.8NVD Advisory· Published Mar 17, 2017· Updated Jun 17, 2026
CVE-2017-0108
CVE-2017-0108
Description
The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Graphics Component Remote Code Execution Vulnerability." This vulnerability is different from that described in CVE-2017-0014.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21cpe:2.3:a:microsoft:live_meeting:2007:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:live_meeting:2007:*:*:*:*:*:*:*
- (no CPE)range: 2007
cpe:2.3:a:microsoft:silverlight:5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:silverlight:5.0:*:*:*:*:*:*:*
- (no CPE)range: 5
cpe:2.3:a:microsoft:skype_for_business:2016:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:skype_for_business:2016:*:*:*:*:*:*:*
- (no CPE)range: 2016
- cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
- Range: SP3
- Range: SP2
- Microsoft Corporation/Windows Graphics Componentv5Range: The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; and Windows 7 SP1
Patches
Vulnerability mechanics
References
4- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0108nvdPatchVendor Advisory
- www.securityfocus.com/bid/96722nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038002nvd
- www.exploit-db.com/exploits/41647/nvd
News mentions
0No linked articles in our index yet.