What is CVE-2017-8508?

CVE-2017-8508 is a medium-severity vulnerability in Microsoft Outlook. CVSS score: 5.5/10. Published 2017-06-15.

How severe is CVE-2017-8508?

Medium severity. CVSS v3 base score is 5.5 out of 10.

Vulnerability in Microsoft Outlook

CVE-2017-8508

A security feature bypass vulnerability exists in Microsoft Office software when it improperly handles the parsing of file formats, aka "Microsoft Office Security Feature Bypass Vulnerability".

EPSS: 0.194 (95.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N.

Affected products

Microsoft Outlook — versions 2007, 2010, 2013
Microsoft Corporation Office — versions Microsoft Outlook 2007 Service Pack 3, Microsoft Outlook 2010 Service Pack 2, Microsoft Outlook 2013 RT Service Pack 1, Microsoft Outlook 2013 Service Pack 1, and Microsoft Outlook 2016.

References

secure@microsoft.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
secure@microsoft.com (x_refsource_CONFIRM, Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2017-8508?: CVE-2017-8508 is a medium-severity vulnerability in Microsoft Outlook. CVSS score: 5.5/10. Published 2017-06-15.
How severe is CVE-2017-8508?: Medium severity. CVSS v3 base score is 5.5 out of 10.