支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2017-11882 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗

尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。

Vulnerability Title
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
Microsoft Office 安全漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
Microsoft Office 2007 SP3等都是美国微软(Microsoft)公司开发的办公软件套件产品。 Microsoft Office中存在远程代码执行漏洞,该漏洞源于程序没有正确的处理内存中的对象。远程攻击者可借助特制的文件利用该漏洞在当前用户的上下文中执行任意代码。以下版本受到影响:Microsoft Office 2007 SP3,Microsoft Office 2010 SP2,Microsoft Office 2013 SP1,Microsoft Office 2016。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
厂商产品影响版本CPE订阅
Microsoft CorporationMicrosoft Office Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, Microsoft Office 2016 -
二、漏洞 CVE-2017-11882 的公开POC
#POC 描述源链接神龙链接
1Nonehttps://github.com/zhouat/cve-2017-11882POC详情
2Proof-of-Concept exploits for CVE-2017-11882https://github.com/embedi/CVE-2017-11882POC详情
3CVE-2017-11882 from https://github.com/embedi/CVE-2017-11882https://github.com/Ridter/CVE-2017-11882POC详情
4CVE-2017-11882 File Generator PoChttps://github.com/BlackMathIT/2017-11882_GeneratorPOC详情
5CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.https://github.com/rip1s/CVE-2017-11882POC详情
6This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.https://github.com/0x09AL/CVE-2017-11882-metasploitPOC详情
7CVE-2017-11882https://github.com/HZachev/ABCPOC详情
8CVE-2017-11882 exploitationhttps://github.com/starnightcyber/CVE-2017-11882POC详情
9Nonehttps://github.com/Grey-Li/CVE-2017-11882POC详情
10# CVE-2017-11882-metasploit This is a Metasploit module which exploits CVE-2017-11882 using the POC below: https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about. ## Installation 1) Copy the cve_2017_11882.rb to /usr/share/metasploit-framework/modules/exploits/windows/local/ 2) Copy the cve-2017-11882.rtf to /usr/share/metasploit-framework/data/exploits/ This module is a quick port to Metasploit and uses mshta.exe to execute the payload. There are better ways to implement this module and exploit but will update it as soon as I have the time.https://github.com/legendsec/CVE-2017-11882-for-KaliPOC详情
11Nonehttps://github.com/CSC-pentest/cve-2017-11882POC详情
12Nonehttps://github.com/Shadowshusky/CVE-2017-11882-POC详情
13PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)https://github.com/rxwx/CVE-2018-0802POC详情
14PoC for CVE-2018-0802 And CVE-2017-11882https://github.com/Ridter/RTF_11882_0802POC详情
15Nonehttps://github.com/likescam/CVE-2017-11882POC详情
16Nonehttps://github.com/likescam/CVE-2018-0802_CVE-2017-11882POC详情
17Nonehttps://github.com/herbiezimmerman/CVE-2017-11882-Possible-Remcos-MalspamPOC详情
18Empire Port of CVE-2017-11882https://github.com/ChaitanyaHaritash/CVE-2017-11882POC详情
19Nonehttps://github.com/qy1202/https-github.com-Ridter-CVE-2017-11882-POC详情
20Nonehttps://github.com/j0lama/CVE-2017-11882POC详情
21Microsoft Equation 3.0/Convert python2 to python3https://github.com/chanbin/CVE-2017-11882POC详情
22CVE-2017-11882(通杀Office 2003到2016)https://github.com/littlebin404/CVE-2017-11882POC详情
23Simple Overflow demo, like CVE-2017-11882 exphttps://github.com/ekgg/Overflow-Demo-CVE-2017-11882POC详情
24Nonehttps://github.com/HaoJame/CVE-2017-11882POC详情
25generate RTF exploit payload. uses cve-2017-11882, cve-2017-8570, cve-2018-0802, and cve-2018-8174.https://github.com/5l1v3r1/rtfkitPOC详情
26Nonehttps://github.com/ActorExpose/CVE-2017-11882POC详情
27SignHere is implementation of CVE-2017-11882. SignHere is builder of malicious rtf document and VBScript payloads.https://github.com/Retr0-code/SignHerePOC详情
28Nonehttps://github.com/lisinan988/CVE-2017-11882-expPOC详情
29Nonehttps://github.com/tzwlhack/CVE-2017-11882POC详情
30CVE-2017-11882复现https://github.com/Sunqiz/CVE-2017-11882-reproductionPOC详情
31Pada bulan maret 2023, terdapat sample baru yang terindentifikasi sebagai malware. Malware tersebut berasal dari file berekstensi.xls dan .doc dan dikenal dengan nama “Bank Slip.xls”. Aktivitas malware tersebut memiliki hubungan dengan kerentanan yang dikenal dengan id CVE-2017-11882 dan CVE-2018-0802. https://github.com/Abdibimantara/Maldoc-AnalysisPOC详情
32Nonehttps://github.com/n18dcat053-luuvannga/DetectPacket-CVE-2017-11882POC详情
33Nonehttps://github.com/nhuynhuy/cve-2017-11882POC详情
34Examining the phases of an attack using “Dragonfish's Elise Malware”, specifically, exploring the exploitation of vulnerability CVE-2017-11882. https://github.com/jadeapar/Dragonfish-s-Malware-Cyber-AnalysisPOC详情
35Nonehttps://github.com/likekabin/CVE-2017-11882POC详情
36Nonehttps://github.com/likekabin/CVE-2018-0802_CVE-2017-11882POC详情
37Malware Analysis CVE-2017-11882https://github.com/yaseenibnakhtar/Malware-Analysis-CVE-2017-11882POC详情
38Malware Analysis CVE-2017-11882https://github.com/yaseenibnakhtar/001-Malware-Analysis-CVE-2017-11882POC详情
39CVE-2017-11882 Preventer for .docx fileshttps://github.com/xdrake1010/CVE-2017-11882-PreventerPOC详情
40Simple PoC of CVE-2017-11882https://github.com/imkidz0/CVE-2017-11882POC详情
41Proof-of-Concept exploits for CVE-2017-11882https://github.com/futureFfff/CVE-2017POC详情
AI 生成 POC高级

未找到公开 POC。

登录以生成 AI POC
三、漏洞 CVE-2017-11882 的情报信息
Please 登录 to view more intelligence information
IV. Related Vulnerabilities
Same product: Microsoft Office
Same vendor: Microsoft Corporation
V. Comments for CVE-2017-11882

暂无评论

发表评论