CVE-2017-11774

HIGH KEV

Microsoft Outlook <2016 - Command Injection

Title source: llm

Exploitation Summary

CVE-2017-11774 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added November 3, 2021. EIP tracks 1 public exploit from researchers including devcoinfet.

AI-analyzed exploit summary This repository contains a PoC exploit for CVE-2017-11774, which targets a vulnerability in Microsoft Outlook. The exploit generates a malicious homepage vector and uses the 'ruler' tool to execute commands, potentially leading to remote code execution (RCE).

Description

Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."

Exploits (1)

nomisec WORKING POC 1 stars

by devcoinfet · client-side

https://github.com/devcoinfet/SniperRoost

View Code ZIP pw:eip

This repository contains a PoC exploit for CVE-2017-11774, which targets a vulnerability in Microsoft Outlook. The exploit generates a malicious homepage vector and uses the 'ruler' tool to execute commands, potentially leading to remote code execution (RCE).

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Outlook

Auth required

Prerequisites: Valid credentials for the target Outlook account · Access to the 'ruler' tool · A server to host the malicious homepage

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Patch, Vendor Advisory x_refsource_confirm

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11774

Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/101098

Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1039542

Exploit x_refsource_misc

https://sensepost.com/blog/2017/outlook-home-page-another-ruler-vector/

Third Party Advisory, US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-11774

Scores

CVSS v3 7.8

EPSS 0.5989

EPSS Percentile 99.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation active

Automatable no

Technical Impact total

Details

CISA KEV 2021-11-03

VulnCheck KEV 2018-12-21

InTheWild.io 2021-07-23

ENISA EUVD EUVD-2017-3382

CWE

CWE-119

Status published

Products (6)

microsoft/outlook 2010 sp2

microsoft/outlook 2013 sp1 (2 CPE variants)

microsoft/outlook 2016

Microsoft Corporation/Microsoft Outlook Microsoft Outlook 2010 SP2

Microsoft Corporation/Microsoft Outlook Outlook 2013 SP1 and RT SP1

Microsoft Corporation/Microsoft Outlook Outlook 2016

Published Oct 13, 2017

KEV Added Nov 03, 2021

Tracked Since Feb 18, 2026