CVE-2017-11776

Опубликовано: 13 окт. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Средний

Описание

Microsoft Outlook 2016 allows an attacker to obtain the email content of a user, due to how Outlook 2016 discloses user email content, aka "Microsoft Outlook Information Disclosure Vulnerability."

Ссылки

http://www.securityfocus.com/bid/101106
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039542
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11776
Patch
Vendor Advisory
http://www.securityfocus.com/bid/101106
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039542
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11776
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.18636

Средний

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-11776

msrc

больше 8 лет назад

Microsoft Outlook Information Disclosure Vulnerability

GHSA-67jx-559h-x478