Vulnerability Database

313,825

Total vulnerabilities in the database

CVE-2017-11854

Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Word Memory Corruption Vulnerability".

  • Published: Nov 15, 2017
  • Updated: Nov 9, 2025
  • CVE: CVE-2017-11854
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
microsoft / office_compatibility_pack --sp3 --sp3.x
microsoft / office 2010-sp2 2010-sp2.x
microsoft / word 2010-sp2 2010-sp2.x
microsoft / word 2007-sp3 2007-sp3.x