Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11049
HistoryJun 13, 2017 - 12:00 a.m.

KLA11049 Multiple vulnerabilities in Microsoft Office

2017-06-1300:00:00
Kaspersky Lab
threats.kaspersky.com
90

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

AI Score

8.4

Confidence

High

EPSS

0.407

Percentile

97.4%

JSON

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and spoof user interface.

Below is a complete list of vulnerabilities:

  1. An improper validating of input before loading DLL (dynamic link library) files can be exploited remotely by convincing a user to open a specially designed office document to execute arbitrary code;
  2. An improper parsing of email messages can be exploited remotely by sending a specially designed email message and convincing a user to open it to execute arbitrary code;
  3. An incorrect handling of parsing of file formats can be exploited remotely by convincing a user to open a specially designed file to bypass security restrictions;
  4. Multiple vulnerabities related to an improper handling of objects in memory can be exploited remotely by sending a specially designed file via email and convincing a user to open it or by hosting a website which contains a malicious file and convince a user to open website to execute arbitrary code;
  5. An incorrect validation and sanitizing of html input in Microsoft Outlook for Mac can be exploited remotely via a specially designed email with specific HTML tags to spoof user interface and show a malicious authentication prompt.

Original advisories

ADV170008

CVE-2017-8513

CVE-2017-8512

CVE-2017-8511

CVE-2017-8510

CVE-2017-8506

CVE-2017-8507

CVE-2017-8508

CVE-2017-8545

CVE-2017-8509

CVE-2017-0284

CVE-2017-8528

CVE-2017-0292

CVE-2017-0285

CVE-2017-8534

CVE-2017-0283

CVE-2017-8550

CVE-2017-0282

CVE-2017-0260

CVE-2017-8509

CVE-2017-0286

CVE-2017-0287

CVE-2017-0288

CVE-2017-0289

CVE-2017-8527

CVE-2017-8531

CVE-2017-8532

CVE-2017-8533

CVE-2017-8506

CVE-2017-8507

CVE-2017-8508

CVE-2017-8510

CVE-2017-8511

CVE-2017-8512

CVE-2017-8513

CVE-2017-8545

CVE-2017-8551

CVE-2017-8514

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Office-Compatibility-Pack-for-Word,-Excel,-and-PowerPoint-2007-File-Formats

Microsoft-Office-PowerPoint

Microsoft-Office

Microsoft-Outlook

Microsoft-Word

Microsoft-Sharepoint-Server

CVE list

CVE-2017-0284 warning

CVE-2017-8528 critical

CVE-2017-0292 critical

CVE-2017-0285 warning

CVE-2017-8534 warning

CVE-2017-0283 critical

CVE-2017-8550 warning

CVE-2017-0282 warning

CVE-2017-0260 critical

CVE-2017-8509 critical

CVE-2017-0286 warning

CVE-2017-0287 warning

CVE-2017-0288 warning

CVE-2017-0289 warning

CVE-2017-8527 critical

CVE-2017-8531 warning

CVE-2017-8532 warning

CVE-2017-8533 warning

CVE-2017-8506 critical

CVE-2017-8507 critical

CVE-2017-8508 warning

CVE-2017-8510 critical

CVE-2017-8511 critical

CVE-2017-8512 critical

CVE-2017-8513 critical

CVE-2017-8545 warning

CVE-2017-8551 warning

CVE-2017-8514 warning

KB list

3203391

3203393

3191882

3203427

4020732

4020733

4020735

4020736

3178667

3203432

3203484

3203485

4020734

3191837

3162051

3203438

3191939

3203430

3203436

3203386

3203382

3212223

3203458

3118389

3191848

3191943

3191945

3191944

3191828

3203441

3191844

3203466

3203464

3203463

3203460

3191908

3203390

3203392

3172445

3191932

3191938

3127888

3203384

3203383

3191898

3127894

3118304

3203467

3203461

3203387

3213537

3203399

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

  • SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

  • Microsoft Office 2007 Service Pack 3Microsoft Office 2010 Service Pack 2Microsoft Office 2013 Service Pack 1Microsoft Office 2016Microsoft Office Compatibility Pack Service Pack 3Microsoft PowerPoint 2007 Service Pack 3Microsoft OneNote 2010 Service Pack 2 Microsoft Outlook 2007 Service Pack 3Microsoft Outlook 2010 Service Pack 2Microsoft Outlook 2013 RT Service Pack 1Microsoft Outlook 2013 Service Pack 1Microsoft Outlook 2016Microsoft SharePoint Server 2007 Service Pack 3Microsoft SharePoint Enterprise Server 2013 Service Pack 1Microsoft SharePoint Enterprise Server 2016Microsoft Word 2007 Service Pack 3Microsoft Word 2010 Service Pack 2Microsoft Word 2013 RT Service Pack 1Microsoft Word 2013 Service Pack 1Microsoft Word 2016Microsoft Word for Mac 2011Microsoft Word 2016 for Mac

References

Related

nessus 8
mskb 38
openvas 31
prion 24
cvelist 23
cve 23
nvd 23
kaspersky 5
seebug 1
qualysblog 1
talosblog 1
trendmicroblog 1
rapid7community 1
symantec 12
mscve 5
zdi 2
nessus
nessus
Security Update for Microsoft Office Products (June 2017)
2017-06-14 00:00:00
Security Update for Microsoft SharePoint Server (June 2017)
2017-06-14 00:00:00
Security Update for Microsoft Office Web Apps Server / Office Online Server (June 2017)
2017-06-14 00:00:00
mskb
mskb
Security update for Windows Server 2008: June 13, 2017
2017-06-13 07:00:00
Security update 2017-06-13
2017-06-13 07:00:00
Description of the security update for Office 2010: June 13, 2017
2017-06-13 07:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4022884)
2017-06-14 00:00:00
Microsoft Office Multiple Vulnerabilities (KB3191844)
2017-06-14 00:00:00
Microsoft Office Multiple Vulnerabilities (KB3191837)
2017-06-14 00:00:00
prion
prion
Remote code execution
2017-06-15 01:29:00
Remote code execution
2017-06-15 01:29:00
Remote code execution
2017-06-15 01:29:00
cvelist
cvelist
CVE-2017-8506
2017-06-15 01:00:00
CVE-2017-0288
2017-06-15 01:00:00
CVE-2017-8510
2017-06-15 01:00:00
cve
cve
CVE-2017-0288
2017-06-15 01:29:02
CVE-2017-0286
2017-06-15 01:29:02
CVE-2017-0289
2017-06-15 01:29:02
nvd
nvd
CVE-2017-0260
2017-06-15 01:29:01
CVE-2017-8509
2017-06-15 01:29:03
CVE-2017-8510
2017-06-15 01:29:03
kaspersky
kaspersky
KLA11052 Multiple vulnerabilities in Windows Uniscribe
2017-06-13 00:00:00
KLA11047 Multiple vulnerabilities in Microsoft Development Tools
2017-06-13 00:00:00
KLA11053 XSS vulnerabilities in Microsoft Sharepoint
2017-06-13 00:00:00
seebug
seebug
A Look at --- SharePoint's Follow Feature XSS(CVE-2017-8514 )
2017-06-14 00:00:00
qualysblog
qualysblog
Microsoft Fixes 94 Security Issues in Massive June Update
2017-06-13 18:28:02
talosblog
talosblog
Microsoft Patch Tuesday - June 2017
2017-06-13 13:48:00
trendmicroblog
trendmicroblog
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of June 12, 2017
2017-06-16 12:00:40
rapid7community
rapid7community
Patch Tuesday - June 2017
2017-06-14 12:04:23
symantec
symantec
Microsoft Windows Uniscribe CVE-2017-8534 Information Disclosure Vulnerability
2017-06-13 00:00:00
Microsoft Windows Graphics Component CVE-2017-8533 Information Disclosure Vulnerability
2017-06-13 00:00:00
Microsoft Outlook CVE-2017-8507 Memory Corruption Vulnerability
2017-06-13 00:00:00
mscve
mscve
Microsoft Outlook for Mac Spoofing Vulnerability
2017-06-13 07:00:00
Microsoft Outlook Security Feature Bypass Vulnerability
2017-06-13 07:00:00
Microsoft Outlook Memory Corruption Vulnerability
2017-06-13 07:00:00
zdi
zdi
Microsoft Windows OTL Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
2017-06-13 00:00:00
Microsoft Windows DirectWrite Integer Overflow Information Disclosure Vulnerability
2019-06-20 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

AI Score

8.4

Confidence

High

EPSS

0.407

Percentile

97.4%

JSON
Related for KLA11049
nessus8mskb38openvas31prion24cvelist23cve23nvd23kaspersky5seebug1qualysblog1talosblog1trendmicroblog1rapid7community1symantec12mscve5zdi2