Microsoft Office Remote Code Execution Vulnerability - CVE-2017-11825 (Mac OS X)| ID: oval:org.secpod.oval:def:42377 | Date: (C)2017-10-12 (M)2022-03-20 |
| Class: VULNERABILITY | Family: macos |
A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.
| Platform: |
| Apple Mac OS X 10.8 |
| Apple Mac OS X 10.9 |
| Apple Mac OS X 10.10 |
| Apple Mac OS X 10.11 |
| Apple Mac OS X 10.12 |
| Apple Mac OS X 10.13 |
| Apple Mac OS X Server 10.8 |
| Apple Mac OS X Server 10.9 |
| Apple Mac OS X Server 10.10 |
| Apple Mac OS X Server 10.11 |
| Apple Mac OS X Server 10.12 |
| Apple Mac OS X Server 10.13 |
| Product: |
| Microsoft Word 2016 for Mac |
| Microsoft PowerPoint 2016 for Mac |
| Microsoft Outlook 2016 for Mac |
| Microsoft OneNote 2016 for Mac |
| Microsoft Excel 2016 for Mac |
