CVE-2017-11854

CVE Database · CVE-2017-11854

CVE-2017-11854

· N/AModified

CVSS v3.1

N/A

EPSS

8.36%

Published

Nov 15, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Word Memory Corruption Vulnerability".

Weaknesses (CWE)

CWE-119

Affected Products (4)

microsoft · officevulnerable

microsoft · office_compatibility_packvulnerable

microsoft · wordvulnerable

References (6)

http://www.securityfocus.com/bid/101746

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1039795

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11854