High severity7.8NVD Advisory· Published Oct 13, 2017· Updated May 13, 2026
CVE-2017-11825
CVE-2017-11825
Description
Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code Execution Vulnerability".
Affected products
3- cpe:2.3:a:microsoft:office_for_mac:2016:*:*:*:*:*:*:*
- Microsoft Corporation/Microsoft Office 2016, Microsoft Office 2016 for Macv5Range: Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11825nvdPatchVendor Advisory
- www.securityfocus.com/bid/101124nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039539nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.