What is CVE-2017-8743?

CVE-2017-8743 is a high-severity vulnerability in Microsoft Office_online_server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 7.8/10. Published 2017-09-13.

How severe is CVE-2017-8743?

High severity. CVSS v3 base score is 7.8 out of 10.

Buffer overflow in Microsoft Office_online_server

CVE-2017-8743

A remote code execution vulnerability exists in Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vul…

Vulnerability class: Buffer Overflow

EPSS: 0.324 (97.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Microsoft Office_online_server
Microsoft Powerpoint — versions 2016
Microsoft Sharepoint_server — versions 2016
Microsoft Corporation Office — versions Microsoft PowerPoint 2016, Microsoft SharePoint Enterprise Server 2016, and Office Online Server

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

secure@microsoft.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
secure@microsoft.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
secure@microsoft.com (x_refsource_CONFIRM, Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2017-8743?: CVE-2017-8743 is a high-severity vulnerability in Microsoft Office_online_server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 7.8/10. Published 2017-09-13.
How severe is CVE-2017-8743?: High severity. CVSS v3 base score is 7.8 out of 10.