CVE-2019-1460

Опубликовано: 19 нояб. 2019

Источник: msrc

EPSS Низкий

Описание

Outlook for Android Spoofing Vulnerability

A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim.

The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user.

The security update addresses the vulnerability by correcting how Microsoft Outlook for Android parses specially crafted email messages.

Обновления

Продукт	Статья	Обновление
Microsoft Outlook for Android	Release Notes	Security Update

Показывать по

Возможность эксплуатации

Publicly Disclosed

Exploited

Latest Software Release

Exploitation Less Likely

Older Software Release

N/A

EPSS

Процентиль: 80%

0.01437

Низкий

Связанные уязвимости

CVE-2019-1460

CVSS3: 4.6

nvd

больше 5 лет назад

A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'.

GHSA-7889-wv3h-p95v

github

больше 3 лет назад

A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'.

EPSS

Процентиль: 80%

0.01437

Низкий