CVE-2017-8692

HIGH

Windows Uniscribe - Remote Code Execution via Memory Corruption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-8692. PoCs published by yongchuank.

AI-analyzed exploit summary This repository contains an advisory for CVE-2017-8692, detailing an out-of-bounds vulnerability in Microsoft Excel Protected View. The advisory references an external source for technical details but does not include exploit code.

Description

The Windows Uniscribe component on Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows remote code execution vulnerability when it fails to properly handle objects in memory, aka "Uniscribe Remote Code Execution Vulnerability".

Exploits (1)

gitlab WRITEUP

by yongchuank · poc

https://gitlab.com/yongchuank/cve-2017-8692-msexcel-protected-view-071200-oob

View Code ZIP pw:eip

This repository contains an advisory for CVE-2017-8692, detailing an out-of-bounds vulnerability in Microsoft Excel Protected View. The advisory references an external source for technical details but does not include exploit code.

Classification

Writeup 90%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft Excel Protected View

No auth needed

Prerequisites: Microsoft Excel with Protected View enabled

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 23, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id/1039344

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/100762

Patch, Vendor Advisory x_refsource_confirm

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8692

Scores

CVSS v3 7.5

EPSS 0.1691

EPSS Percentile 96.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (9)

microsoft/windows_10

microsoft/windows_10 1511

microsoft/windows_10 1607

microsoft/windows_10 1703

microsoft/windows_rt_8.1

microsoft/windows_server_2012

microsoft/windows_server_2012 r2

microsoft/windows_server_2016

Microsoft Corporation/Windows Uniscribe Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607

Published Sep 13, 2017

Tracked Since Feb 18, 2026