CVE-2017-11774

HIGH KEV

Microsoft Outlook <2016 - Command Injection

Title source: llm

Description

Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."

Exploits (1)

nomisec WORKING POC 1 stars
by devcoinfet · client-side
https://github.com/devcoinfet/SniperRoost

Scores

CVSS v3 7.8
EPSS 0.8557
EPSS Percentile 99.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2018-12-21
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2017-3382
CWE CWE-119
Status published
Products (6)
microsoft/outlook 2010 sp2
microsoft/outlook 2013 sp1 (2 CPE variants)
microsoft/outlook 2016
Microsoft Corporation/Microsoft Outlook Microsoft Outlook 2010 SP2
Microsoft Corporation/Microsoft Outlook Outlook 2013 SP1 and RT SP1
Microsoft Corporation/Microsoft Outlook Outlook 2016
Published Oct 13, 2017
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026