Vulnerability Description
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for Mac allow a security feature bypass by not enforcing macro settings on an Excel document, aka "Microsoft Excel Security Feature Bypass Vulnerability".
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Excel | 2007 |
| Microsoft | Excel Viewer | 2007 |
| Microsoft | Office Compatibility Pack | - |
References
- http://www.securityfocus.com/bid/101747Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039783Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-1187Issue TrackingPatchVendor Advisory
- http://www.securityfocus.com/bid/101747Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1039783Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-1187Issue TrackingPatchVendor Advisory
FAQ
What is CVE-2017-11877?
CVE-2017-11877 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibil...
How severe is CVE-2017-11877?
CVE-2017-11877 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-11877?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Excel, Microsoft Excel Viewer, Microsoft Office Compatibility Pack.