Описание
An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:office:2016:*:*:*:click-to-run:*:*:*
cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook_rt:2013:sp1:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.1023
Средний
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook.
EPSS
Процентиль: 93%
0.1023
Средний
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-20