Medium severity5.5NVD Advisory· Published Dec 12, 2017· Updated May 13, 2026

CVE-2017-11934

Description

Microsoft Office 2013 RT SP1, Microsoft Office 2013 SP1, and Microsoft Office 2016 allow an information disclosure vulnerability due to the way certain functions handle objects in memory, aka "Microsoft Office Information Disclosure Vulnerability".

Affected products

Microsoft Corporation/Microsoft Officev5
Range: Microsoft Office 2013 RT SP1, Microsoft Office 2013 SP1, and Microsoft Office 2016

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11934nvdPatchVendor Advisory
www.securityfocus.com/bid/102064nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039998nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.019
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000