High severity7.8NVD Advisory· Published Jun 15, 2017· Updated May 13, 2026

CVE-2017-8507

Description

A remote code execution vulnerability exists in the way Microsoft Office software parses specially crafted email messages, aka "Microsoft Office Memory Corruption Vulnerability".

Affected products

Microsoft/Outlook5 versions
cpe:2.3:a:microsoft:outlook:2007:sp3:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:microsoft:outlook:2007:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:rt:*:*:*
- cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*
Microsoft Corporation/Microsoft Officev5
Range: Microsoft Outlook 2007 Service Pack 3, Microsoft Outlook 2010 Service Pack 2, Microsoft Outlook 2013 RT Service Pack 1, Microsoft Outlook 2013 Service Pack 1, and Microsoft Outlook 2016.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8507nvdPatchVendor Advisory
www.securityfocus.com/bid/98827nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1038666nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.018
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000