Microsoft Office contains a memory corruption vulnerability that allows remote code execution in the context of the current user.
PoC: CVE-2017-11882
CVE-2017-11882 from https://github.com/embedi/CVE-2017-11882
PoC: CVE-2017-11882
Proof-of-Concept exploits for CVE-2017-11882
PoC: CVE-2017-11882
CVE-2017-11882 Exploit accepts over 17k bytes long command/code in maximum.
PoC: CVE-2018-0802
PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)
PoC: RTF_11882_0802
PoC for CVE-2018-0802 And CVE-2017-11882
PoC: CVE-2017-11882-metasploit
This is a Metasploit module which exploits CVE-2017-11882 using the POC released here : https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about.
PoC: CVE-2017-11882
CVE-2017-11882 exploitation
PoC: 2017-11882_Generator
CVE-2017-11882 File Generator PoC
PoC: SignHere
SignHere is implementation of CVE-2017-11882. SignHere is builder of malicious rtf document and VBScript payloads.
PoC: CVE-2017-11882
CVE-2017-11882(通杀Office 2003到2016)
PoC: Overflow-Demo-CVE-2017-11882
Simple Overflow demo, like CVE-2017-11882 exp
PoC: CVE-2017-11882
Empire Port of CVE-2017-11882
PoC: Maldoc-Analysis
Pada bulan maret 2023, terdapat sample baru yang terindentifikasi sebagai malware. Malware tersebut berasal dari file berekstensi.xls dan .doc dan dikenal dengan nama “Bank Slip.xls”. Aktivitas malware tersebut memiliki hubungan dengan kerentanan yang dikenal dengan id CVE-2017-11882 dan CVE-2018-0802.
PoC: Office-Malware-Forensics-Lab-REMnux-Static-Analysis
Static analysis of 2 malicious Office documents on REMnux using oletools; identified CVE-2017-11882 and obfuscated macros.
PoC: CVE-2017
Proof-of-Concept exploits for CVE-2017-11882
PoC: CVE-2017-11882
Simple PoC of CVE-2017-11882
PoC: CVE-2017-11882-Preventer
CVE-2017-11882 Preventer for .docx files
PoC: Malware-Analysis-CVE-2017-11882
Malware Analysis CVE-2017-11882
PoC: Dragonfish-s-Malware-Cyber-Analysis
Examining the phases of an attack using “Dragonfish's Elise Malware”, specifically, exploring the exploitation of vulnerability CVE-2017-11882.
PoC: CVE-2017-11882-reproduction
CVE-2017-11882复现
PoC: rtfkit
generate RTF exploit payload. uses cve-2017-11882, cve-2017-8570, cve-2018-0802, and cve-2018-8174.
PoC: CVE-2017-11882
Microsoft Equation 3.0/Convert python2 to python3
PoC: CVE-2017-11882-for-Kali
# CVE-2017-11882-metasploit This is a Metasploit module which exploits CVE-2017-11882 using the POC below: https://embedi.com/blog/skeleton-closet-ms-office-vulnerability-you-didnt-know-about. ## Installation 1) Copy the cve_2017_11882.rb to /usr/share/metasploit-framework/modules/exploits/windows/local/ 2) Copy the cve-2017-11882.rtf to /usr/share/metasploit-framework/data/exploits/ This module is a quick port to Metasploit and uses mshta.exe to execute the payload. There are better ways to implement
PoC: ABC
CVE-2017-11882
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free