High severity7.8CISA KEVNVD Advisory· Published Apr 12, 2017· Updated Apr 22, 2026

CVE-2017-0199

Description

Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API."

Affected products

Microsoft/Office4 versions
cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2016:-:*:*:*:*:*:*
Philips/Intellispace Portal2 versions
cpe:2.3:a:philips:intellispace_portal:7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:philips:intellispace_portal:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:philips:intellispace_portal:8.0:*:*:*:*:*:*:*
Microsoft/Windows 7
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
Microsoft/Windows Server 20082 versions
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
Microsoft/Windows Server 2012
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
Microsoft/Windows Vista
cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199nvdPatchVendor Advisory
rewtin.blogspot.nl/2017/04/cve-2017-0199-practical-exploitation-poc.htmlnvdExploitThird Party Advisory
blog.nviso.be/2017/04/12/analysis-of-a-cve-2017-0199-malicious-rtf-document/nvdExploitThird Party Advisory
www.exploit-db.com/exploits/41894/nvdExploitThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/41934/nvdExploitThird Party AdvisoryVDB Entry
www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199_useda.htmlnvdBroken LinkExploitThird Party Advisory
www.mdsec.co.uk/2017/04/exploiting-cve-2017-0199-hta-handler-vulnerability/nvdExploitThird Party Advisory
www.securityfocus.com/bid/97498nvdBroken LinkThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038224nvdBroken LinkThird Party AdvisoryVDB Entry
ics-cert.us-cert.gov/advisories/ICSMA-18-058-02nvdThird Party AdvisoryUS Government Resource
www.exploit-db.com/exploits/42995/nvdThird Party AdvisoryVDB Entry
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.075
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.060