VYPR
High severity7.8NVD Advisory· Published Jun 15, 2017· Updated Jun 17, 2026

CVE-2017-0260

CVE-2017-0260

Description

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-8506.

Affected products

7
  • Microsoft/Office3 versions
    cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*
    • (no CPE)
  • cpe:2.3:o:microsoft:windows_7:*:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
    • cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:*:*
  • Microsoft Corporation/Microsoft Officev5
    Range: Microsoft Office 2013 Service Pack 1 Click-to-Run (C2R), Microsoft Office 2016 Click-to-Run (C2R), Windows 7, Windows Server 2008 and Windows Server 2008 R2.

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.