Описание
A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka "Microsoft Office Tampering Vulnerability." This affects Microsoft Word, Microsoft Office.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2016:*:*:*:click-to-run:*:*:*
Конфигурация 2
Одно из
cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2013:sp1:*:*:rt:*:*:*
cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.07474
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka "Microsoft Office Tampering Vulnerability." This affects Microsoft Word, Microsoft Office.
EPSS
Процентиль: 91%
0.07474
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-noinfo