Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-11774

KEV EPSS 85.57% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-11774

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft Outlook 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Microsoft Outlook是美国微软(Microsoft)公司的一款Office套件中所捆绑的电子邮件客户端软件。该软件可管理电子邮件、联系人和日历等。 Microsoft Outlook中存在安全功能绕过漏洞,该漏洞源于程序没有正确的处理内存中的对象。远程攻击者可借助特制的文档文件利用该漏洞执行任意命令。以下版本受到影响:Microsoft Outlook 2010 SP2,Outlook 2013 RT SP1,Outlook 2013 SP1,Outlook 2016。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
Microsoft CorporationMicrosoft Outlook Microsoft Outlook 2010 SP2 -

II. Public POCs for CVE-2017-11774

#POC DescriptionSource LinkShenlong Link
1used to generate a valid attack chain to exploit CVE-2017-11774 tied to iranian apt only reasearch poc dont use for harm pleasehttps://github.com/devcoinfet/SniperRoostPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-11774

Please Login to view more intelligence information

Same Patch Batch · Microsoft Corporation · 2017-10-13 · 61 CVEs total

CVE-2017-11817Microsoft Windows kernel 信息泄露漏洞
CVE-2017-8726Microsoft Windows Edge 信息泄露漏洞
CVE-2017-8715Microsoft Windows Device Guard 安全漏洞
CVE-2017-8703Microsoft Windows Subsystem for Linux 安全漏洞
CVE-2017-8694Microsoft Windows Kernel Mode Driver 权限许可和访问控制问题漏洞
CVE-2017-8717Microsoft Windows JET Database Engine 安全漏洞
CVE-2017-11821Microsoft Windows Edge ChakraCore 安全漏洞
CVE-2017-11820Microsoft SharePoint Enterprise Server 安全漏洞
CVE-2017-11819Microsoft Windows Shell 安全漏洞
CVE-2017-11818Microsoft Windows storage 安全漏洞
CVE-2017-11822Microsoft Windows Internet Explorer 安全漏洞
CVE-2017-11816Microsoft Windows Graphics Device Interface 信息泄露漏洞
CVE-2017-11815Microsoft Windows Server Message Block Server 信息泄露漏洞
CVE-2017-11814Microsoft Windows kernel 信息泄露漏洞
CVE-2017-11813Microsoft Windows Internet Explorer 安全漏洞
CVE-2017-11812Microsoft Windows Edge ChakraCore 安全漏洞
CVE-2017-11810Microsoft Windows Internet Explorer scripting引擎安全漏洞
CVE-2017-11809Microsoft Windows Edge ChakraCore 安全漏洞
CVE-2017-11808Microsoft Windows Edge ChakraCore 安全漏洞
CVE-2017-11807Microsoft Windows Edge ChakraCore 安全漏洞

Showing top 20 of 61 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Microsoft Outlook
Same vendor: Microsoft Corporation

V. Comments for CVE-2017-11774

No comments yet

Leave a comment