一、 漏洞 CVE-2017-11882 基础信息
漏洞标题
N/A
来源:AIGC 神龙大模型
漏洞描述信息
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 允许攻击者在当前用户上下文中运行任意代码,通过未正确处理内存对象(即“Microsoft Office内存错误漏洞”)。与 CVE-2017-11884 不同,此 CVE ID 唯一。
来源:AIGC 神龙大模型
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
来源:AIGC 神龙大模型
漏洞类别
N/A
来源:AIGC 神龙大模型
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
Microsoft Office 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
Microsoft Office 2007 SP3等都是美国微软(Microsoft)公司开发的办公软件套件产品。 Microsoft Office中存在远程代码执行漏洞,该漏洞源于程序没有正确的处理内存中的对象。远程攻击者可借助特制的文件利用该漏洞在当前用户的上下文中执行任意代码。以下版本受到影响:Microsoft Office 2007 SP3,Microsoft Office 2010 SP2,Microsoft Office 2013 SP1,Microsoft Office 2016。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
缓冲区错误
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2017-11882 的公开POC
# POC 描述 源链接 神龙链接
1 None https://github.com/zhouat/cve-2017-11882 POC详情
2 Proof-of-Concept exploits for CVE-2017-11882 https://github.com/embedi/CVE-2017-11882 POC详情
3 CVE-2017-11882 from https://github.com/embedi/CVE-2017-11882 https://github.com/Ridter/CVE-2017-11882 POC详情
4 CVE-2017-11882 File Generator PoC https://github.com/BlackMathIT/2017-11882_Generator POC详情
5 CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum. https://github.com/rip1s/CVE-2017-11882 POC详情
6 This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about. https://github.com/0x09AL/CVE-2017-11882-metasploit POC详情
7 CVE-2017-11882 https://github.com/HZachev/ABC POC详情
8 CVE-2017-11882 exploitation https://github.com/starnightcyber/CVE-2017-11882 POC详情
9 None https://github.com/Grey-Li/CVE-2017-11882 POC详情
10 # CVE-2017-11882-metasploit This is a Metasploit module which exploits CVE-2017-11882 using the POC below: https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about. ## Installation 1) Copy the cve_2017_11882.rb to /usr/share/metasploit-framework/modules/exploits/windows/local/ 2) Copy the cve-2017-11882.rtf to /usr/share/metasploit-framework/data/exploits/ This module is a quick port to Metasploit and uses mshta.exe to execute the payload. There are better ways to implement this module and exploit but will update it as soon as I have the time. https://github.com/legendsec/CVE-2017-11882-for-Kali POC详情
11 None https://github.com/CSC-pentest/cve-2017-11882 POC详情
12 None https://github.com/Shadowshusky/CVE-2017-11882- POC详情
13 PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882) https://github.com/rxwx/CVE-2018-0802 POC详情
14 PoC for CVE-2018-0802 And CVE-2017-11882 https://github.com/Ridter/RTF_11882_0802 POC详情
15 None https://github.com/likescam/CVE-2017-11882 POC详情
16 None https://github.com/likescam/CVE-2018-0802_CVE-2017-11882 POC详情
17 None https://github.com/herbiezimmerman/CVE-2017-11882-Possible-Remcos-Malspam POC详情
18 Empire Port of CVE-2017-11882 https://github.com/ChaitanyaHaritash/CVE-2017-11882 POC详情
19 None https://github.com/qy1202/https-github.com-Ridter-CVE-2017-11882- POC详情
20 None https://github.com/j0lama/CVE-2017-11882 POC详情
21 Microsoft Equation 3.0/Convert python2 to python3 https://github.com/chanbin/CVE-2017-11882 POC详情
22 CVE-2017-11882(通杀Office 2003到2016) https://github.com/littlebin404/CVE-2017-11882 POC详情
23 Simple Overflow demo, like CVE-2017-11882 exp https://github.com/ekgg/Overflow-Demo-CVE-2017-11882 POC详情
24 None https://github.com/HaoJame/CVE-2017-11882 POC详情
25 generate RTF exploit payload. uses cve-2017-11882, cve-2017-8570, cve-2018-0802, and cve-2018-8174. https://github.com/5l1v3r1/rtfkit POC详情
26 None https://github.com/ActorExpose/CVE-2017-11882 POC详情
27 SignHere is implementation of CVE-2017-11882. SignHere is builder of malicious rtf document and VBScript payloads. https://github.com/Retr0-code/SignHere POC详情
28 None https://github.com/lisinan988/CVE-2017-11882-exp POC详情
29 None https://github.com/tzwlhack/CVE-2017-11882 POC详情
30 CVE-2017-11882复现 https://github.com/Sunqiz/CVE-2017-11882-reproduction POC详情
31 Pada bulan maret 2023, terdapat sample baru yang terindentifikasi sebagai malware. Malware tersebut berasal dari file berekstensi.xls dan .doc dan dikenal dengan nama “Bank Slip.xls”. Aktivitas malware tersebut memiliki hubungan dengan kerentanan yang dikenal dengan id CVE-2017-11882 dan CVE-2018-0802. https://github.com/Abdibimantara/Maldoc-Analysis POC详情
32 None https://github.com/n18dcat053-luuvannga/DetectPacket-CVE-2017-11882 POC详情
33 None https://github.com/nhuynhuy/cve-2017-11882 POC详情
34 Examining the phases of an attack using “Dragonfish's Elise Malware”, specifically, exploring the exploitation of vulnerability CVE-2017-11882. https://github.com/jadeapar/Dragonfish-s-Malware-Cyber-Analysis POC详情
35 None https://github.com/likekabin/CVE-2017-11882 POC详情
36 None https://github.com/likekabin/CVE-2018-0802_CVE-2017-11882 POC详情
37 Malware Analysis CVE-2017-11882 https://github.com/yaseenibnakhtar/Malware-Analysis-CVE-2017-11882 POC详情
38 Malware Analysis CVE-2017-11882 https://github.com/yaseenibnakhtar/001-Malware-Analysis-CVE-2017-11882 POC详情
三、漏洞 CVE-2017-11882 的情报信息