CVE-2017-0195
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-0195
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps Server 2013 SP1 and Office Online Server allows remote attackers to perform cross-site scripting and run script with local user privileges via a crafted request, aka "Microsoft Office XSS Elevation of Privilege Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Office 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Office是美国微软(Microsoft)公司开发的一款办公软件套件产品。常用组件有Word、Excel、Access、Powerpoint、FrontPage等。 Microsoft Office中存在提权漏洞,该漏洞源于程序没有正确的过滤特制的请求。远程攻击者可通过发送特制的请求利用该漏洞实施跨站脚本攻击,在当前用户的上下文中执行脚本。以下版本受到影响:基于Microsoft SharePoint Server 2010 SP1和SP2平台的Excel Service,Excel
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Microsoft Corporation | Office | Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps Server 2013 SP1, and Office Online Server | - |
II. Public POCs for CVE-2017-0195
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-0195
请登录查看更多情报信息。
Same Patch Batch · Microsoft Corporation · 2017-04-12 · 42 CVEs total
| CVE-2017-0199 | Microsoft Office 安全漏洞 | |
| CVE-2017-0183 | Microsoft Windows Hyper-V 安全漏洞 | |
| CVE-2017-0184 | Microsoft Windows Hyper-V 安全漏洞 | |
| CVE-2017-0185 | Microsoft Windows Hyper-V 安全漏洞 | |
| CVE-2017-0186 | Microsoft Windows Hyper-V 安全漏洞 | |
| CVE-2017-0188 | Microsoft Win32k 信息泄露漏洞 | |
| CVE-2017-0189 | Microsoft Win32k 权限许可和访问控制问题漏洞 | |
| CVE-2017-0191 | Microsoft Windows 安全漏洞 | |
| CVE-2017-0192 | Microsoft Windows 信息泄露漏洞 | |
| CVE-2017-0194 | Microsoft Office 信息泄露漏洞 | |
| CVE-2017-0197 | Microsoft Office 安全漏洞 | |
| CVE-2017-0182 | Microsoft Windows Hyper-V 安全漏洞 | |
| CVE-2017-0200 | Microsoft Edge 安全漏洞 | |
| CVE-2017-0201 | Microsoft Internet Explorer JScript和VBScript 安全漏洞 | |
| CVE-2017-0202 | Microsoft Internet Explorer 安全漏洞 | |
| CVE-2017-0204 | Microsoft Office 安全漏洞 | |
| CVE-2017-0205 | Microsoft Edge 安全漏洞 | |
| CVE-2017-0207 | Microsoft Outlook for Mac 安全漏洞 | |
| CVE-2017-0208 | Microsoft Edge 信息泄露漏洞 | |
| CVE-2017-0210 | Microsoft Internet Explorer 权限许可和访问控制问题漏洞 |
Showing top 20 of 42 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Office
- CVE-2023-7270
Local Privilege Escalation via MSI installer - CVE-2023-51598
Hancom Office Word DOC File Parsing Use-After-Free Remote Co - CVE-2023-50235
Hancom Office Show PPT File Parsing Stack-based Buffer Overf - CVE-2023-50234
Hancom Office Cell XLS File Parsing Stack-based Buffer Overf - CVE-2019-11828
Synology Office 跨站脚本漏洞
V. Comments for CVE-2017-0195
No comments yet