I. CVE-2017-11882 Basic Information
Vulnerability information

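## Overview
Multiple service pack versions of Microsoft Office handle memory improperly, allowing an attacker to execute arbitrary code in the context of the current user.

## Affected versions
- Microsoft Office 2007 Service Pack 3
- Microsoft Office 2010 Service Pack 2
- Microsoft Office 2013 Service Pack 1
- Microsoft Office 2016

## Details
The vulnerability arises when objects in memory are handled improperly, which allows an attacker to execute arbitrary code. The issue is known as the "Microsoft Office Memory Corruption Vulnerability". This CVE ID is distinct from CVE-2017-11884.

## Impact
An attacker may exploit this vulnerability to execute arbitrary code in the user's context, which may lead to the system being taken over or data being leaked.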
                                        
Shenlong assessment

Web-class vulnerability: Unknown

Rationale:

N/A
Vulnerability title
N/A
Source: US National Vulnerability Database (NVD)
Vulnerability description
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
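Source: US National Vulnerability Database (NVD)
CVSS information
N/A
Source: US National Vulnerability Database (NVD)
Vulnerability category
N/A
Source: US National Vulnerability Database (NVD)
Vulnerability title
Microsoft Office security vulnerability
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability description
Microsoft Office 2007 SP3 and the other listed releases are office software suite products developed by Microsoft Corporation of the United States. Microsoft Office contains a remote code execution vulnerability that stems from the program not correctly handling objects in memory. A remote attacker can exploit this vulnerability via a specially crafted file to execute arbitrary code in the context of the current user. The following versions are affected: Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016.
Source: China National Vulnerability Database of Information Security (CNNVD)
CVSS information
N/A
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability category
Buffer error
Source: China National Vulnerability Database of Information Security (CNNVD)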
II. Public PoCs for CVE-2017-11882

| # | PoC description | Source link | Shenlong link |
|---|---|---|---|
| 1 | None | https://github.com/zhouat/cve-2017-11882 | PoC details |
| 2 | Proof-of-Concept exploits for CVE-2017-11882 | https://github.com/embedi/CVE-2017-11882 | PoC details |
| 3 | CVE-2017-11882 from https://github.com/embedi/CVE-2017-11882 | https://github.com/Ridter/CVE-2017-11882 | PoC details |
| 4 | CVE-2017-11882 File Generator PoC | https://github.com/BlackMathIT/2017-11882_Generator | PoC details |
| 5 | CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum. | https://github.com/rip1s/CVE-2017-11882 | PoC details |
| 6 | This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about. | https://github.com/0x09AL/CVE-2017-11882-metasploit | PoC details |
| 7 | CVE-2017-11882 | https://github.com/HZachev/ABC | PoC details |
| 8 | CVE-2017-11882 exploitation | https://github.com/starnightcyber/CVE-2017-11882 | PoC details |
| 9 | None | https://github.com/Grey-Li/CVE-2017-11882 | PoC details |
| 10 | CVE-2017-11882-metasploit: This is a Metasploit module which exploits CVE-2017-11882 using the POC below: https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about. Installation: 1) Copy the cve_2017_11882.rb to /usr/share/metasploit-framework/modules/exploits/windows/local/ 2) Copy the cve-2017-11882.rtf to /usr/share/metasploit-framework/data/exploits/ This module is a quick port to Metasploit and uses mshta.exe to execute the payload. There are better ways to implement this module and exploit but will update it as soon as I have the time. | https://github.com/legendsec/CVE-2017-11882-for-Kali | PoC details |
| 11 | None | https://github.com/CSC-pentest/cve-2017-11882 | PoC details |
| 12 | None | https://github.com/Shadowshusky/CVE-2017-11882- | PoC details |
| 13 | PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882) | https://github.com/rxwx/CVE-2018-0802 | PoC details |
| 14 | PoC for CVE-2018-0802 And CVE-2017-11882 | https://github.com/Ridter/RTF_11882_0802 | PoC details |
| 15 | None | https://github.com/likescam/CVE-2017-11882 | PoC details |
| 16 | None | https://github.com/likescam/CVE-2018-0802_CVE-2017-11882 | PoC details |
| 17 | None | https://github.com/herbiezimmerman/CVE-2017-11882-Possible-Remcos-Malspam | PoC details |
| 18 | Empire Port of CVE-2017-11882 | https://github.com/ChaitanyaHaritash/CVE-2017-11882 | PoC details |
| 19 | None | https://github.com/qy1202/https-github.com-Ridter-CVE-2017-11882- | PoC details |
| 20 | None | https://github.com/j0lama/CVE-2017-11882 | PoC details |
| 21 | Microsoft Equation 3.0/Convert python2 to python3 | https://github.com/chanbin/CVE-2017-11882 | PoC details |
| 22 | CVE-2017-11882 (works across Office 2003 through 2016) | https://github.com/littlebin404/CVE-2017-11882 | PoC details |
| 23 | Simple Overflow demo, like CVE-2017-11882 exp | https://github.com/ekgg/Overflow-Demo-CVE-2017-11882 | PoC details |
| 24 | None | https://github.com/HaoJame/CVE-2017-11882 | PoC details |
| 25 | generate RTF exploit payload. uses cve-2017-11882, cve-2017-8570, cve-2018-0802, and cve-2018-8174. | https://github.com/5l1v3r1/rtfkit | PoC details |
| 26 | None | https://github.com/ActorExpose/CVE-2017-11882 | PoC details |
| 27 | SignHere is implementation of CVE-2017-11882. SignHere is builder of malicious rtf document and VBScript payloads. | https://github.com/Retr0-code/SignHere | PoC details |
| 28 | None | https://github.com/lisinan988/CVE-2017-11882-exp | PoC details |
| 29 | None | https://github.com/tzwlhack/CVE-2017-11882 | PoC details |
| 30 | CVE-2017-11882 reproduction | https://github.com/Sunqiz/CVE-2017-11882-reproduction | PoC details |
| 31 | In March 2023, a new sample was identified as malware. The malware comes from files with the .xls and .doc extensions and is known by the name "Bank Slip.xls". The malware's activity is related to the vulnerabilities known by the IDs CVE-2017-11882 and CVE-2018-0802. | https://github.com/Abdibimantara/Maldoc-Analysis | PoC details |
| 32 | None | https://github.com/n18dcat053-luuvannga/DetectPacket-CVE-2017-11882 | PoC details |
| 33 | None | https://github.com/nhuynhuy/cve-2017-11882 | PoC details |
| 34 | Examining the phases of an attack using "Dragonfish's Elise Malware", specifically, exploring the exploitation of vulnerability CVE-2017-11882. | https://github.com/jadeapar/Dragonfish-s-Malware-Cyber-Analysis | PoC details |
| 35 | None | https://github.com/likekabin/CVE-2017-11882 | PoC details |
| 36 | None | https://github.com/likekabin/CVE-2018-0802_CVE-2017-11882 | PoC details |
| 37 | Malware Analysis CVE-2017-11882 | https://github.com/yaseenibnakhtar/Malware-Analysis-CVE-2017-11882 | PoC details |
| 38 | Malware Analysis CVE-2017-11882 | https://github.com/yaseenibnakhtar/001-Malware-Analysis-CVE-2017-11882 | PoC details |
| 39 | CVE-2017-11882 Preventer for .docx files | https://github.com/xdrake1010/CVE-2017-11882-Preventer | PoC details |
| 40 | Simple PoC of CVE-2017-11882 | https://github.com/imkidz0/CVE-2017-11882 | PoC details |
| 41 | Proof-of-Concept exploits for CVE-2017-11882 | https://github.com/futureFfff/CVE-2017 | PoC details |

III. Intelligence on CVE-2017-11882