CVE-2017-0029

MEDIUM

Microsoft Office - Denial of Service

Title source: rule

Description

Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/96045

[Patch, Vendor Advisory] https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0029

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1038010

Scores

CVSS v3 5.5

EPSS 0.2264

EPSS Percentile 95.8%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

Status published

Affected Products (5)

microsoft/office

microsoft/word

Microsoft Corporation/Office < Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word 2016

Timeline

Published Mar 17, 2017

Tracked Since Feb 18, 2026