Microsoft Excel Security Feature Bypass Vulnerability - CVE-2017-11877 (Mac OS X)| ID: oval:org.secpod.oval:def:42769 | Date: (C)2017-11-16 (M)2023-10-09 |
| Class: VULNERABILITY | Family: macos |
A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. To successfully exploit the vulnerability, an attacker would have to embed a control in an Excel worksheet that specifies a macro should be run. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Microsoft Office software. The security update addresses the vulnerability by enforcing macro settings on Excel documents.
| Platform: |
| Apple Mac OS X 10.8 |
| Apple Mac OS X 10.9 |
| Apple Mac OS X 10.10 |
| Apple Mac OS X 10.11 |
| Apple Mac OS X 10.12 |
| Apple Mac OS X 10.13 |
| Apple Mac OS X Server 10.8 |
| Apple Mac OS X Server 10.9 |
| Apple Mac OS X Server 10.10 |
| Apple Mac OS X Server 10.11 |
| Apple Mac OS X Server 10.12 |
| Apple Mac OS X Server 10.13 |
| Product: |
| Microsoft Word 2016 for Mac |
| Microsoft PowerPoint 2016 for Mac |
| Microsoft Outlook 2016 for Mac |
| Microsoft OneNote 2016 for Mac |
| Microsoft Excel 2016 for Mac |
