Описание
Microsoft Outlook Security Feature Bypass Vulnerability
A security feature bypass vulnerability exists when Microsoft Outlook improperly handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary commands.
In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit the vulnerability, and then convince users to open the document file and interact with the document.
The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Outlook 2013 RT Service Pack 1 | ||
| Microsoft Outlook 2010 Service Pack 2 (32-bit editions) | ||
| Microsoft Outlook 2010 Service Pack 2 (64-bit editions) | ||
| Microsoft Outlook 2016 (32-bit edition) | ||
| Microsoft Outlook 2016 (64-bit edition) | ||
| Microsoft Outlook 2013 Service Pack 1 (32-bit editions) | ||
| Microsoft Outlook 2013 Service Pack 1 (64-bit editions) |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
Связанные уязвимости
Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."
Microsoft Outlook 2010 SP2, Outlook 2013 SP1 and RT SP1, and Outlook 2016 allow an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka "Microsoft Outlook Security Feature Bypass Vulnerability."
Уязвимость почтового клиента Microsoft Outlook, связанная с некорректной обработкой объектов в памяти, позволяющая нарушителю обойти ограничения безопасности и выполнить произвольныне команды
EPSS