VYPR
Medium severity6.5NVD Advisory· Published Dec 12, 2017· Updated Jun 17, 2026

CVE-2017-11939

CVE-2017-11939

Description

Microsoft Office 2016 Click-to-Run (C2R) allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosure Vulnerability".

Affected products

4
  • Microsoft/Office2 versions
    cpe:2.3:a:microsoft:office:2016:c2r:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:office:2016:c2r:*:*:*:*:*:*
    • (no CPE)
  • Microsoft Corporation/Microsoft Officev5
    Range: Microsoft Office 2016 Click-to-Run (C2R)

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.