Medium severity5.5NVD Advisory· Published Nov 15, 2017· Updated Jun 17, 2026
CVE-2017-11877
CVE-2017-11877
Description
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for Mac allow a security feature bypass by not enforcing macro settings on an Excel document, aka "Microsoft Excel Security Feature Bypass Vulnerability".
Affected products
12cpe:2.3:a:microsoft:excel:2007:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:microsoft:excel:2007:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:excel:2010:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:excel:2013:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:excel:2016:*:*:*:*:mac_os_x:*:*
- (no CPE)range: 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, 2016 for Mac
cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
- (no CPE)range: 2007 Service Pack 3
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
- (no CPE)range: Service Pack 3
- Microsoft Corporation/Microsoft Officev5Range: Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for Mac
Patches
Vulnerability mechanics
References
3- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11877nvdIssue TrackingPatchVendor Advisory
- www.securityfocus.com/bid/101747nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1039783nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.