{"vulnerability": "cve-2017-8759", "sightings": [{"uuid": "a53e640d-a679-4e85-8422-0dafbf009dee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "published-proof-of-concept", "source": "https://t.me/codeby_sec/855", "content": "https://codeby.net/forum/threads/windows-net-framework-exploit-cve-2017-8759.60523/", "creation_timestamp": "2017-09-20T05:13:53.000000Z"}, {"uuid": "186ed61d-5784-4476-af8b-3b3fc9cce0de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "https://t.me/codeby_sec/1343", "content": "#exploit #pentest \nWindows NET Framework Exploit CVE-2017-8759", "creation_timestamp": "2018-04-03T15:41:09.000000Z"}, {"uuid": "7573e2db-d810-4427-bcc0-4678cb131367", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "Telegram/o6bGSTQDa_L_9yB52rGutK-yTDAjioBk8CtxAHgug6irZRY0", "content": "", "creation_timestamp": "2025-02-14T09:47:00.000000Z"}, {"uuid": "71a51342-39d6-48b4-9b1e-eb4bae3391f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "published-proof-of-concept", "source": "https://t.me/antichat/5439", "content": "\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0443\u0433\u0440\u043e\u0437, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e CVE-2017-8759\nhttps://habr.com/ru/post/338256/?utm_campaign=338256&utm_source=habrahabr&utm_medium=rss", "creation_timestamp": "2019-06-16T17:08:57.000000Z"}, {"uuid": "c0880c2a-3e69-4015-b8f5-031638992a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "https://t.me/sysadm_in_channel/88", "content": "MS \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043a\u0443\u043c\u043c\u0443\u043b\u044f\u0442\u0438\u0432\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432, \u0434\u0435\u0442\u0430\u043b\u0438 CVE \u0437\u0434\u0435\u0441\u044c - https://nvd.nist.gov/vuln/detail/CVE-2017-8759 \u0415\u0441\u043b\u0438 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u043e\u043c \u0430\u043f\u0434\u0435\u0439\u0442\u044b \u043d\u0435 \u0443\u043f\u0430\u043b\u0438, \u0442\u043e \u0440\u0443\u043a\u0430\u043c\u0438 \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u0430\u0447\u0430\u0442\u044c \u0437\u0434\u0435\u0441\u044c - https://portal.msrc.microsoft.com/en-us/security-guidance", "creation_timestamp": "2017-09-13T10:33:11.000000Z"}, {"uuid": "f65cfd78-d8aa-437f-abe4-77f7a0de38a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "https://t.me/information_security_channel/8946", "content": "RT @cyb3rops: Collection of YARA rules for CVE-2017-8759 detection by @xdxdxdxdoa and me\n> send me improved rules & I'll add them\u2026", "creation_timestamp": "2017-09-17T07:27:16.000000Z"}, {"uuid": "374046be-7688-441d-be9a-54393313ab56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "exploited", "source": "https://t.me/information_security_channel/10000", "content": "A recent .NET Framework zero day Vulnerability (CVE-2017-8759) is dropping Infostealer malware\nhttp://blogs.quickheal.com/recent-net-framework-zero-day-vulnerability-cve-2017-8759-dropping-infostealer-malware/\n\n.NET Framework Remote Code Execution Vulnerability (CVE-2017-8759) is a code injection vulnerability in the SOAP WSDL parser of .net framework. This vulnerability was a zero-day when it was spotted in the wild. Quick Heal Security Labs had released advisory in the month of September 2017 to address it. This vulnerability...\nThe post A recent .NET Framework zero day Vulnerability (CVE-2017-8759) is dropping Infostealer malware (http://blogs.quickheal.com/recent-net-framework-zero-day-vulnerability-cve-2017-8759-dropping-infostealer-malware/) appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice (http://blogs.quickheal.com/).", "creation_timestamp": "2017-10-16T09:03:18.000000Z"}, {"uuid": "522481c4-3962-42dc-9aa1-100d2790d9ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/5c543c87-503c-4622-a292-0aa6ac12042b", "content": "", "creation_timestamp": "2019-02-01T12:53:41.000000Z"}, {"uuid": "b1191abf-e619-4dd6-9640-c94e213073e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/3c5c6bf8-4c3d-48de-8eb3-49f0d290a01a", "content": "", "creation_timestamp": "2020-10-09T16:26:28.000000Z"}, {"uuid": "0d392a0a-4142-4eec-9448-bfb80ac29efc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/10387610-5211-4738-83c5-643e43c8e266", "content": "", "creation_timestamp": "2020-10-09T16:41:14.000000Z"}, {"uuid": "0d9551bf-1833-4720-be97-e9f90f7f29ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/ae666a55-60a8-484e-8f9a-172fa9383af0", "content": "", "creation_timestamp": "2020-10-09T16:42:03.000000Z"}, {"uuid": "3b1714fe-aba7-4993-9c46-5a479341d0de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/bd9a7710-53dd-4bc6-9fc2-907b52a1a7e0", "content": "", "creation_timestamp": "2020-10-09T16:41:19.000000Z"}, {"uuid": "0ec6545a-6c19-40c8-8416-19eca966dc69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:39.000000Z"}, {"uuid": "2e49009a-a98f-4940-a5fc-bce616bdc372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:55.000000Z"}, {"uuid": "4dcc4eae-c97c-42d5-9214-b6f9c6411d6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "https://t.me/arpsyndicate/1798", "content": "#ExploitObserverAlert\n\nCVE-2017-8759\n\nDESCRIPTION: Exploit Observer has 120 entries related to CVE-2017-8759. Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka \".NET Framework Remote Code Execution Vulnerability.\"\n\nFIRST-EPSS: 0.970420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-12T11:19:15.000000Z"}, {"uuid": "05c1270c-4bd5-4e43-a88c-42cf92bc4dd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "https://t.me/arpsyndicate/251", "content": "#ExploitObserverAlert\n\nCVE-2017-8759\n\nDESCRIPTION: Exploit Observer has 116 entries related to CVE-2017-8759. Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka \".NET Framework Remote Code Execution Vulnerability.\"\n\nFIRST-EPSS: 0.970420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-17T09:44:19.000000Z"}, {"uuid": "9896b2b9-dcf1-406b-a53b-546bb572342d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "https://t.me/arpsyndicate/1408", "content": "#ExploitObserverAlert\n\nCVE-2017-8759\n\nDESCRIPTION: Exploit Observer has 118 entries related to CVE-2017-8759. Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka \".NET Framework Remote Code Execution Vulnerability.\"\n\nFIRST-EPSS: 0.970420000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-05T06:18:08.000000Z"}, {"uuid": "a150bf42-cc85-4ea0-b6ea-a5785a616100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "exploited", "source": "Telegram/viCLKHWRj2WhxyKsBNvrfhEx-L79Q2AXQ9tGX5mzL2Y6gjUf", "content": "", "creation_timestamp": "2023-09-06T22:37:31.000000Z"}, {"uuid": "f47a1024-6e9d-4b0a-817c-408335db7161", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "published-proof-of-concept", "source": "https://t.me/Black_hat_islamic/2043", "content": "\u062b\u063a\u0631\u0629\n CVE-2017-8759-Exploit-sample\n\u062a\u0633\u062a\u0647\u062f\u0627\u0641 \u0627\u0646\u0638\u0645\u0629 \u0627\u0644\u0648\u064a\u0646\u062f\u0648\u0632\n\nCVE-2017-11292\n\u0627\u0644\u062b\u063a\u0631\u0629 \u0639\u0628\u0627\u0631\u0629 \u0639\u0646 \u0639\u064a\u0628 \u0641\u064a \u0627\u0644\u0630\u0627\u0643\u0631\u0629 \u064a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0628\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0634\u0648\u0627\u0626\u064a\u0629 \u0639\u0644\u0649 \u0627\u0644\u0646\u0638\u0627\u0645 \u0639\u0646\u062f \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0628\u0646\u062c\u0627\u062d \n\u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0625\u063a\u0631\u0627\u0642 \u0627\u0644\u0636\u062d\u0627\u064a\u0627 \u0628\u0645\u062d\u062a\u0648\u0649 Flash \u062a\u0645 \u062a\u0635\u0645\u064a\u0645\u0647 \u062e\u0635\u064a\u0635\u0627\u064b\n\n\u0633\u0643\u0631\u0628\u062a \u0635\u063a\u064a\u0631 \u0644\u0625\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0629 \u0628\u0634\u0643\u0644 \u062c\u0632\u0626\u064a\nhttps://github.com/Voulnet/CVE-2017-8759-Exploit-sample\n\n#\u0627\u0644\u0639\u0645\u064a\u0644\u0629_X", "creation_timestamp": "2019-02-22T14:32:04.000000Z"}, {"uuid": "05b303a3-d745-43b2-9f70-ee47dc98b39a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "exploited", "source": "https://t.me/information_security_channel/8842", "content": "CVE-2017-8759 | .NET Framework Remote Code Execution Vulnerability \u2013 An analysis by Quick Heal Security Labs\nhttp://blogs.quickheal.com/cve-2017-8759-net-framework-remote-code-execution-vulnerability-analysis-quick-heal-security-labs/\n\nThe recent zero-day vulnerability in .NET Framework vulnerability CVE-2017-8759 enables attackers to perform a Remote Code Execution on the targeted machine. This vulnerability is found to be exploited in the wild through email spam messages loaded with malicious RTF files as an attachment. Microsoft has released a security update on...\nThe post CVE-2017-8759 | .NET Framework Remote Code Execution Vulnerability \u2013 An analysis by Quick Heal Security Labs (http://blogs.quickheal.com/cve-2017-8759-net-framework-remote-code-execution-vulnerability-analysis-quick-heal-security-labs/) appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice (http://blogs.quickheal.com/).", "creation_timestamp": "2017-09-14T11:38:00.000000Z"}, {"uuid": "00b9c8c5-986f-422b-a46e-0211072c7766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "https://t.me/information_security_channel/8865", "content": "Microsoft Office Zero-Day Spread Surveillance Software\nhttps://www.darkreading.com/endpoint/microsoft-office-zero-day-spread-surveillance-software/d/d-id/1329884?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\n\nFireEye discovered CVE-2017-8759 flaw patched by Microsoft this week.", "creation_timestamp": "2017-09-14T19:26:44.000000Z"}, {"uuid": "6ea0dadc-dccf-4c30-84b7-06631205f6b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/207", "content": "https://github.com/bhdresh/CVE-2017-8759", "creation_timestamp": "2022-08-19T06:17:23.000000Z"}, {"uuid": "bb50dc11-2002-48c7-8416-49be1fbcfe5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "https://t.me/arvin_club/3195", "content": "#\u0641\u0648\u0631\u06cc\u2757\ufe0f\n\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc zero day \u062f\u0631 \u0641\u0631\u06cc\u0645\u200c\u0648\u0631\u06a9 .NET \u0645\u0627\u06cc\u06a9\u0631\u0648\u0633\u0627\u0641\u062a \u06a9\u0647 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631\u060c \u06a9\u062f \u0631\u0627 \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u0633\u0646\u062f \u06cc\u0627 \u0628\u0631\u0646\u0627\u0645\u0647 \u0645\u062e\u0631\u0628\u060c \u0628\u0631 \u0631\u0648\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0642\u0631\u0628\u0627\u0646\u06cc \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\nBase Score: 7.8\n\u0644\u06cc\u0646\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0632 NIST:\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-8759\n@Arvin_club", "creation_timestamp": "2020-12-29T10:34:34.000000Z"}, {"uuid": "1bd5ef0f-1306-4534-b116-b572ac521c0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/59bf6ca4-4548-47f5-b4be-61760a3ac101", "content": "", "creation_timestamp": "2017-09-21T08:34:50.000000Z"}, {"uuid": "fbe37aff-fa27-4958-8ca3-4a1da43662e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/59c4ff9a-3ddc-4ea7-943d-092ac0a80a8e", "content": "", "creation_timestamp": "2017-09-22T12:56:48.000000Z"}, {"uuid": "937fe49c-3b2a-461b-8ba3-ee6ab0108f13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/59c4f605-6cf0-4081-93c7-7aeec0a80a8e", "content": "", "creation_timestamp": "2017-09-22T12:59:25.000000Z"}, {"uuid": "0435cc90-1302-4910-9fea-ebc40490dd26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/5a17ed7a-2e6c-4444-9b50-7c6795ca48b7", "content": "", "creation_timestamp": "2017-11-24T09:59:25.000000Z"}, {"uuid": "19a0c736-3de6-4a51-a67b-0de20ba41d39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/5a86c343-2420-4dea-9933-69b3c25ed030", "content": "", "creation_timestamp": "2018-02-16T11:43:55.000000Z"}, {"uuid": "14251ba1-e939-495c-b819-98db811ef041", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/5aba062a-8118-4885-afe0-469402de0b81", "content": "", "creation_timestamp": "2018-03-27T09:05:05.000000Z"}, {"uuid": "ac0e7484-0c8e-4da2-8b15-fd6019518a99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/59b82957-23e0-483c-9142-7f22ac130004", "content": "", "creation_timestamp": "2017-09-13T04:56:03.000000Z"}, {"uuid": "af8cde5d-c83e-4a30-84f6-27c64e16e066", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:18.000000Z"}, {"uuid": "40647914-92a8-4df9-842a-f97a0234a9a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/0b0f374b-39b1-4229-891b-2defd31fe736", "content": "", "creation_timestamp": "2020-10-09T15:53:01.000000Z"}, {"uuid": "bfaf0579-bce0-40e4-9276-3304928adcbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/373b418c-0ff6-4bc9-ac2b-c3bbfeb7f155", "content": "", "creation_timestamp": "2020-10-09T16:03:15.000000Z"}, {"uuid": "82997045-356c-48cc-b614-0d5e207286c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/411231aa-968d-42ae-a528-91e76e2a7b49", "content": "", "creation_timestamp": "2020-10-09T16:33:18.000000Z"}, {"uuid": "63873595-586f-4575-8f3a-9b197dc14f76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1bd9845d-289e-4e86-be75-92434ef4ef33", "content": "", "creation_timestamp": "2026-02-02T12:28:52.961166Z"}, {"uuid": "95d73b24-5374-4e7e-b596-36e0eef2ad9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "exploited", "source": "https://t.me/information_security_channel/12842", "content": "Malspam campaigns exploiting recent MS Office vulnerability \u2018CVE-2017-11882\u2019 \u2013 An Analysis by Quick Heal Security Labs\nhttp://blogs.quickheal.com/malspam-campaigns-exploiting-recent-ms-office-vulnerability-cve-2017-11882/\n\nNo wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macro,\u00a0CVE-2017-0199, CVE-2017-8759\u00a0and DDE-based attack. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability CVE-2018-11882. Let\u2019s take a look\u2026", "creation_timestamp": "2018-02-05T12:19:22.000000Z"}, {"uuid": "a94a8578-f190-4087-81f8-bf503f76563f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "exploited", "source": "https://t.me/canyoupwnme/2280", "content": "FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY\nhttps://www.fireeye.com/blog/threat-research/2017/09/zero-day-used-to-distribute-finspy.html", "creation_timestamp": "2017-09-13T23:53:11.000000Z"}, {"uuid": "1aafd17e-d363-44b8-bc46-8a3f3c45e40c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "https://t.me/haccking/2821", "content": "#\u041e\u0431\u0443\u0447\u0435\u043d\u0438\u0435 \nWindows NET Framework Exploit CVE-2017-8759.", "creation_timestamp": "2018-09-10T16:37:13.000000Z"}, {"uuid": "cf47514d-e8f2-49dc-8c6e-ca6763dc016e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/5a070132-ae34-413b-8adf-0d88ac12042b", "content": "", "creation_timestamp": "2017-11-11T13:59:47.000000Z"}, {"uuid": "53927535-0554-469b-af0c-1225b9eabbea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/5a6619ce-59e8-4275-be47-5976ac12042b", "content": "", "creation_timestamp": "2018-01-22T17:23:16.000000Z"}, {"uuid": "e33089bc-9bd2-433d-8625-71a1266fba58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/0cbad1e3-4b6d-413f-a234-8939127e7112", "content": "", "creation_timestamp": "2020-10-09T13:51:49.000000Z"}, {"uuid": "7d536130-088a-4388-810d-85c200c27b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "c7027482-4ca7-4523-82b7-740ba70c3214", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971007", "content": "", "creation_timestamp": "2024-12-24T20:22:58.934413Z"}, {"uuid": "5bcc3b71-c25a-4a20-ad9e-9f3d3b4ba5e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-8759", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/1bd9845d-289e-4e86-be75-92434ef4ef33", "content": "", "creation_timestamp": "2026-02-02T12:28:52.961166Z"}]}