### [CVE-2017-11882](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11882)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)

### Description

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.

### POC

#### Reference
- http://reversingminds-blog.logdown.com/posts/3907313-fileless-attack-in-word-without-macros-cve-2017-11882
- https://0patch.blogspot.com/2017/11/did-microsoft-just-manually-patch-their.html
- https://0patch.blogspot.com/2017/11/official-patch-for-cve-2017-11882-meets.html
- https://github.com/0x09AL/CVE-2017-11882-metasploit
- https://github.com/embedi/CVE-2017-11882
- https://github.com/rxwx/CVE-2017-11882
- https://researchcenter.paloaltonetworks.com/2017/12/unit42-analysis-of-cve-2017-11882-exploit-in-the-wild/
- https://web.archive.org/web/20181104111128/https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about/
- https://www.exploit-db.com/exploits/43163/

#### Github
- https://github.com/00xtrace/Red-Team-Ops-Toolbox
- https://github.com/0x09AL/CVE-2017-11882-metasploit
- https://github.com/0xT11/CVE-POC
- https://github.com/0xdeadgeek/Red-Teaming-Toolkit
- https://github.com/0xh4di/Red-Teaming-Toolkit
- https://github.com/0xp4nda/Red-Teaming-Toolkit
- https://github.com/15866095848/15866095848
- https://github.com/1o24er/RedTeam
- https://github.com/20142995/sectool
- https://github.com/2lambda123/m0chan-Red-Teaming-Toolkit
- https://github.com/3m1za4/100-Best-Free-Red-Team-Tools-
- https://github.com/3th1c4l-t0n1/awesome-csirt
- https://github.com/404notf0und/Security-Data-Analysis-and-Visualization
- https://github.com/5l1v3r1/rtfkit
- https://github.com/6R1M-5H3PH3RD/Red_Teaming_Tool_Kit
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Abdibimantara/Maldoc-Analysis
- https://github.com/ActorExpose/CVE-2017-11882
- https://github.com/Al1ex/APT-GUID
- https://github.com/Al1ex/Red-Team
- https://github.com/Apri1y/Red-Team-links
- https://github.com/AzyzChayeb/Redteam
- https://github.com/BENARBIAfiras/SophosLabs-Intelix
- https://github.com/BlackMathIT/2017-11882_Generator
- https://github.com/BugBlocker/lotus-scripts
- https://github.com/C-starm/PoC-and-Exp-of-Vulnerabilities
- https://github.com/CSC-pentest/cve-2017-11882
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CYB3RMX/Qu1cksc0pe
- https://github.com/ChaitanyaHaritash/CVE-2017-11882
- https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
- https://github.com/CyberSecurityUP/Adversary-Emulation-Matrix
- https://github.com/CyberSift/CyberSift-Alerts
- https://github.com/Echocipher/Resource-list
- https://github.com/Fa1c0n35/Red-Teaming-Toolkit
- https://github.com/FlatL1neAPT/MS-Office
- https://github.com/Flerov/WindowsExploitDev
- https://github.com/FontouraAbreu/Traffic_analysis_test
- https://github.com/Fynnesse/Malware-Analysis-w-REMnux
- https://github.com/GhostTroops/TOP
- https://github.com/Grey-Li/CVE-2017-11882
- https://github.com/HZachev/ABC
- https://github.com/HacTF/poc--exp
- https://github.com/HaoJame/CVE-2017-11882
- https://github.com/HildeTeamTNT/Red-Teaming-Toolkit
- https://github.com/IversionBY/PenetratInfo
- https://github.com/J-SinwooLee/Malware-Analysis-REMnux
- https://github.com/JERRY123S/all-poc
- https://github.com/Micr067/Pentest_Note
- https://github.com/Mrnmap/RedTeam
- https://github.com/OlaleyeAyobami/Malware-Analysis-Lab
- https://github.com/Ondrik8/RED-Team
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/PCsXcetra/EquationEditorShellCodeDecoder
- https://github.com/PWN-Kingdom/Test_Tasks
- https://github.com/PaloAltoNetworks/research-notes
- https://github.com/Parist0nH1ll/Vulnerabilities-Write-Ups
- https://github.com/Patecatl848/Jstrosch-M.W.-samples
- https://github.com/Retr0-code/SignHere
- https://github.com/Ridter/CVE-2017-11882
- https://github.com/Ridter/RTF_11882_0802
- https://github.com/Rory33160/Phishing-Prevention
- https://github.com/RxXwx3x/Redteam
- https://github.com/S3N4T0R-0X0/Ember-Bear-APT
- https://github.com/Saidul-M-Khan/Red-Teaming-Toolkit
- https://github.com/SewellDinG/Search
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Shadowshusky/CVE-2017-11882-
- https://github.com/Soldie/Red-Team-Tool-Kit---Shr3dKit
- https://github.com/Spacial/awesome-csirt
- https://github.com/StrangerealIntel/DeltaFlare
- https://github.com/Sunqiz/CVE-2017-11882-reproduction
- https://github.com/Th3k33n/RedTeam
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/Ygodsec/-
- https://github.com/ZTK-009/RedTeamer
- https://github.com/ZtczGrowtopia/2500-OPEN-SOURCE-RAT
- https://github.com/alecdhuse/Lantern-Shark
- https://github.com/allwinnoah/CyberSecurity-Tools
- https://github.com/arcangel2308/Shr3dit
- https://github.com/avboy1337/Vulnerabilities
- https://github.com/bb33bb/Vulnerabilities
- https://github.com/blockchainguard/blockchainhacked
- https://github.com/bloomer1016/CVE-2017-11882-Possible-Remcos-Malspam
- https://github.com/chanbin/CVE-2017-11882
- https://github.com/chenxiang12/document-eqnobj-dataset
- https://github.com/co-devs/cve-otx-lookup
- https://github.com/cranelab/exploit-development
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/czq945659538/-study
- https://github.com/dactoankmapydev/crawler0121
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/dk47os3r/hongduiziliao
- https://github.com/edeca/rtfraptor
- https://github.com/ekgg/Overflow-Demo-CVE-2017-11882
- https://github.com/emaan122/Note2
- https://github.com/embedi/CVE-2017-11882
- https://github.com/emtee40/APT_CyberCriminal_Campagin_Collections
- https://github.com/eric-erki/APT_CyberCriminal_Campagin_Collections
- https://github.com/fengjixuchui/RedTeamer
- https://github.com/geeksniper/Red-team-toolkit
- https://github.com/gold1029/Red-Teaming-Toolkit
- https://github.com/gyaansastra/Red-Team-Toolkit
- https://github.com/hasee2018/Safety-net-information
- https://github.com/havocykp/Vulnerability-analysis
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/herbiezimmerman/CVE-2017-11882-Possible-Remcos-Malspam
- https://github.com/hktalent/TOP
- https://github.com/hktalent/bug-bounty
- https://github.com/houjingyi233/office-exploit-case-study
- https://github.com/hudunkey/Red-Team-links
- https://github.com/iwarsong/apt
- https://github.com/j0lama/CVE-2017-11882
- https://github.com/jaychouzzk/-
- https://github.com/jbmihoub/all-poc
- https://github.com/jnadvid/RedTeamTools
- https://github.com/john-80/-007
- https://github.com/jstrosch/malware-samples
- https://github.com/jvdroit/APT_CyberCriminal_Campagin_Collections
- https://github.com/kerolesgamal58/CTF-ShellCode-Analysis
- https://github.com/kimreq/red-team
- https://github.com/landscape2024/RedTeam
- https://github.com/li-zhenyuan/Knowledge-enhanced-Attack-Graph
- https://github.com/likescam/APT_CyberCriminal_Campagin_Collections
- https://github.com/likescam/CVE-2017-11882
- https://github.com/likescam/CVE-2018-0802_CVE-2017-11882
- https://github.com/likescam/CyberMonitor-APT_CyberCriminal_Campagin_Collections
- https://github.com/likescam/Red-Teaming-Toolkit
- https://github.com/likescam/Red-Teaming-Toolkit_all_pentests
- https://github.com/lisinan988/CVE-2017-11882-exp
- https://github.com/littlebin404/CVE-2017-11882
- https://github.com/lnick2023/nicenice
- https://github.com/lp008/Hack-readme
- https://github.com/mohamed45237/mohamed45237
- https://github.com/mooneee/Red-Teaming-Toolkit
- https://github.com/mrinconroldan/red-teaming-toolkit
- https://github.com/mucahittopal/Pentesting-Pratic-Notes
- https://github.com/n18dcat053-luuvannga/DetectPacket-CVE-2017-11882
- https://github.com/neharidha/Phishing-Analysis-Tools-
- https://github.com/nitishbadole/pentesting_Notes
- https://github.com/nobiusmallyu/kehai
- https://github.com/p2-98/Research-Exploit-Office
- https://github.com/pandazheng/Threat-Intelligence-Analyst
- https://github.com/password520/RedTeamer
- https://github.com/paulveillard/cybersecurity-exploit-development
- https://github.com/phamphuqui1998/Research-Exploit-Office
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/qiantu88/office-cve
- https://github.com/r0eXpeR/supplier
- https://github.com/r0r0x-xx/Red-Team-OPS-Modern-Adversary
- https://github.com/reph0r/Poc-Exp-Tools
- https://github.com/reph0r/Shooting-Range
- https://github.com/reph0r/poc-exp
- https://github.com/reph0r/poc-exp-tools
- https://github.com/ringo360/ringo360
- https://github.com/rip1s/CVE-2017-11882
- https://github.com/rusty-sec/lotus-scripts
- https://github.com/rxwx/CVE-2018-0802
- https://github.com/scriptsboy/Red-Teaming-Toolkit
- https://github.com/shr3ddersec/Shr3dKit
- https://github.com/sifatnotes/cobalt_strike_tutorials
- https://github.com/slimdaddy/RedTeam
- https://github.com/starnightcyber/CVE-2017-11882
- https://github.com/sumas/APT_CyberCriminal_Campagin_Collections
- https://github.com/sv3nbeast/Attack-Notes
- https://github.com/svbjdbk123/-
- https://github.com/t31m0/Red-Teaming-Toolkit
- https://github.com/thezimtex/red-team
- https://github.com/tingsama/hacking-p2
- https://github.com/toannd96/crawler0121
- https://github.com/triw0lf/Security-Matters-22
- https://github.com/twensoo/PersistentThreat
- https://github.com/tzwlhack/CVE-2017-11882
- https://github.com/u53r55/Security-Tools-List
- https://github.com/unamer/CVE-2017-11882
- https://github.com/unusualwork/red-team-tools
- https://github.com/wateroot/poc-exp
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/winterwolf32/Red-teaming
- https://github.com/wrlu/Vulnerabilities
- https://github.com/wwong99/hongdui
- https://github.com/wzxmt/CVE-2017
- https://github.com/x86trace/Red-Team-Ops-Toolbox
- https://github.com/xbl3/Red-Teaming-Toolkit_infosecn1nja
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/xiaoZ-hc/redtool
- https://github.com/xiaoy-sec/Pentest_Note
- https://github.com/yut0u/RedTeam-BlackBox
- https://github.com/zhang040723/web
- https://github.com/zhouat/cve-2017-11882