CVE-2017-8571

Опубликовано: 01 авг. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Средний

Описание

Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a security feature bypass vulnerability due to the way that it handles input, aka "Microsoft Office Outlook Security Feature Bypass Vulnerability".

Ссылки

http://www.securityfocus.com/bid/99452
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039012
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8571
Patch
Vendor Advisory
http://www.securityfocus.com/bid/99452
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039012
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8571
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:outlook:2007:sp3:*:*:*:*:*:*

cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*

cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:*:*:*:*

cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.14406

Средний

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2017-8571

msrc

почти 8 лет назад

Microsoft Office Security Feature Bypass Vulnerability

GHSA-xjr2-qfhr-fgc6