High severity7.8NVD Advisory· Published Jun 15, 2017· Updated Jun 17, 2026
CVE-2017-0260
CVE-2017-0260
Description
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-8506.
Affected products
7cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
- cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
- Microsoft Corporation/Microsoft Officev5Range: Microsoft Office 2013 Service Pack 1 Click-to-Run (C2R), Microsoft Office 2016 Click-to-Run (C2R), Windows 7, Windows Server 2008 and Windows Server 2008 R2.
Patches
Vulnerability mechanics
References
3- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0260nvdPatchVendor Advisory
- www.securityfocus.com/bid/98810nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1038668nvd
News mentions
0No linked articles in our index yet.