High severity7.8NVD Advisory· Published Jun 15, 2017· Updated May 13, 2026

CVE-2017-8487

Description

Windows OLE in Windows XP and Windows Server 2003 allows an attacker to execute code when a victim opens a specially crafted file or program aka "Windows olecnv32.dll Remote Code Execution Vulnerability."

Affected products

Microsoft/Windows Server 2003
cpe:2.3:o:microsoft:windows_server_2003:-:*:*:*:*:*:*:*
Microsoft/Windows Xp
cpe:2.3:o:microsoft:windows_xp:-:*:*:*:*:*:*:*
Microsoft Corporation/Microsoft Windowsv5
Range: Windows XP SP3, Windows XP x64 SP2, Windows Server 2003 SP2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.microsoft.com/en-us/help/4025218/security-update-for-windows-xp-and-windows-server-2003nvdPatchVendor Advisory
www.exploit-db.com/exploits/42211/nvdExploitThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/99013nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038702nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.055
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000