CVE-2017-11935

Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
microsoftCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/102067
http://www.securitytracker.com/id/1039989
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11935
http://www.securityfocus.com/bid/102067
http://www.securitytracker.com/id/1039989
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11935