Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 1997-01-01 |
Product | Outlook | Last view | 2024-02-13 |
Version | 2007 | Type | |
Update | sp3 | ||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
8 | 2024-02-13 | CVE-2024-21378 | Microsoft Outlook Remote Code Execution Vulnerability |
7.5 | 2023-09-12 | CVE-2023-36763 | Microsoft Outlook Information Disclosure Vulnerability |
6.5 | 2023-08-08 | CVE-2023-36893 | Microsoft Outlook Spoofing Vulnerability |
8.8 | 2023-07-11 | CVE-2023-35311 | Microsoft Outlook Security Feature Bypass Vulnerability |
8.8 | 2023-06-14 | CVE-2023-33131 | Microsoft Outlook Remote Code Execution Vulnerability |
7.5 | 2023-06-01 | CVE-2022-35742 | Microsoft Outlook Denial of Service Vulnerability |
9.8 | 2023-03-14 | CVE-2023-23397 | Microsoft Outlook Elevation of Privilege Vulnerability |
6.3 | 2022-12-13 | CVE-2022-24480 | Outlook for Android Elevation of Privilege Vulnerability |
7.3 | 2021-06-08 | CVE-2021-31949 | Microsoft Outlook Remote Code Execution Vulnerability |
7.8 | 2021-06-08 | CVE-2021-31941 | Microsoft Office Graphics Remote Code Execution Vulnerability |
7.1 | 2021-04-13 | CVE-2021-28452 | Microsoft Outlook Memory Corruption Vulnerability |
6.5 | 2020-12-10 | CVE-2020-17119 | Microsoft Outlook Information Disclosure Vulnerability |
4.7 | 2020-10-16 | CVE-2020-16949 | A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server. The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory. |
7.5 | 2020-10-16 | CVE-2020-16947 | A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the targeted user. If the targeted user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Outlook software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file. Note that where severity is indicated as Critical in the Affected Products table, the Preview Pane is an attack vector. The security update addresses the vulnerability by correcting how Outlook handles objects in memory. |
5.5 | 2020-08-17 | CVE-2020-1493 | An information disclosure vulnerability exists when attaching files to Outlook messages. This vulnerability could potentially allow users to share attached files such that they are accessible by anonymous users where they should be restricted to specific users. To exploit this vulnerability, an attacker would have to attach a file as a link to an email. The email could then be shared with individuals that should not have access to the files, ignoring the default organizational setting. The security update addresses the vulnerability by correcting how Outlook handles file attachment links. |
5 | 2020-08-17 | CVE-2020-1483 | A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Outlook software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file designed to exploit the vulnerability. An attacker would have no way to force users to visit the website. Instead, an attacker would have to convince users to click a link, typically by way of an enticement in an email or instant message, and then convince them to open the specially crafted file. Note that where severity is indicated as Critical in the Affected Products table, the Preview Pane is an attack vector. The security update addresses the vulnerability by correcting how Outlook handles objects in memory. |
7.8 | 2020-07-14 | CVE-2020-1349 | A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'. |
8.8 | 2020-04-15 | CVE-2020-0760 | A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991. |
6.5 | 2020-02-11 | CVE-2020-0696 | A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'. |
4.6 | 2020-01-24 | CVE-2019-1460 | A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. |
5.4 | 2019-08-14 | CVE-2019-1218 | A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages, aka 'Outlook iOS Spoofing Vulnerability'. |
4.3 | 2019-08-14 | CVE-2019-1204 | An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages, aka 'Microsoft Outlook Elevation of Privilege Vulnerability'. |
7.8 | 2019-08-14 | CVE-2019-1200 | A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'. |
5.4 | 2019-07-29 | CVE-2019-1105 | A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. |
6.5 | 2019-07-15 | CVE-2019-1084 | An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
22% (8) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
13% (5) | CWE-787 | Out-of-bounds Write |
11% (4) | CWE-200 | Information Exposure |
11% (4) | CWE-20 | Improper Input Validation |
8% (3) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
5% (2) | CWE-399 | Resource Management Errors |
5% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
5% (2) | CWE-88 | Argument Injection or Modification |
2% (1) | CWE-415 | Double Free |
2% (1) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
2% (1) | CWE-294 | Authentication Bypass by Capture-replay |
2% (1) | CWE-284 | Access Control (Authorization) Issues |
2% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
2% (1) | CWE-125 | Out-of-bounds Read |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-41 | Using Meta-characters in E-mail Headers to Inject Malicious Payloads |
CAPEC-88 | OS Command Injection |
CAPEC-133 | Try All Common Application Switches and Options |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:429 | MS Outlook (Word 2002) RTF/HTML Script Execution Vulnerability |
oval:org.mitre.oval:def:205 | MS Outlook (Word 2000) RTF/HTML Script Execution Vulnerability |
oval:org.mitre.oval:def:517 | IE v6.0,SP1 (Server 2003) Malformed GIF Image Double-free Vulnerability |
oval:org.mitre.oval:def:509 | IE v5.01,SP4 Malformed GIF Image Double-free Vulnerability |
oval:org.mitre.oval:def:236 | IE v6.0,SP1 Malformed GIF Image Double-free Vulnerability |
oval:org.mitre.oval:def:212 | IE v5.01,SP3 Malformed GIF Image Double-free Vulnerability |
oval:org.mitre.oval:def:2100 | IE v5.5,SP2 Malformed GIF Image Double-free Vulnerability |
oval:org.mitre.oval:def:206 | IE v5.01,SP2 Malformed GIF Image Double-free Vulnerability |
oval:org.mitre.oval:def:1793 | IE v6.0 Malformed GIF Image Double-free Vulnerability |
oval:org.mitre.oval:def:843 | MS Outlook Argument Injection Local Vulnerability |
oval:org.mitre.oval:def:4307 | GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2002) |
oval:org.mitre.oval:def:4216 | GDI+ JPEG Parsing Engine Buffer Overflow (IE6) |
oval:org.mitre.oval:def:4003 | GDI+ JPEG Parsing Engine Buffer Overflow (Windows XP) |
oval:org.mitre.oval:def:3881 | GDI+ JPEG Parsing Engine Buffer Overflow (Office XP,SP2) |
oval:org.mitre.oval:def:3810 | GDI+ JPEG Parsing Engine Buffer Overflow (Project 2003) |
oval:org.mitre.oval:def:3320 | GDI+ JPEG Parsing Engine Buffer Overflow Microsoft Office Visio Pro 2003 |
oval:org.mitre.oval:def:3082 | GDI+ JPEG Parsing Engine Buffer Overflow (Visio Pro 2002) |
oval:org.mitre.oval:def:3038 | GDI+ JPEG Parsing Engine Buffer Overflow (Project 2002,SP1) |
oval:org.mitre.oval:def:2706 | GDI+ JPEG Parsing Engine Buffer Overflow (Office 2003) |
oval:org.mitre.oval:def:1721 | GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2003) |
oval:org.mitre.oval:def:1105 | GDI+ JPEG Parsing Engine Buffer Overflow (Server 2003) |
oval:org.mitre.oval:def:1157 | Crystal Reports Business Objects Directory Traversal |
oval:org.mitre.oval:def:624 | Exchange Server 5.5 TNEF Decoding Vulnerability |
oval:org.mitre.oval:def:1485 | Outlook 2000 TNEF Decoding Vulnerability |
oval:org.mitre.oval:def:1456 | Outlook 2003 TNEF Decoding Vulnerability |
SAINT Exploits
Description | Link |
---|---|
Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerability | More info here |
Internet Explorer VML rect fill buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
67982 | Microsoft Outlook E-mail Content Parsing Remote Overflow |
66296 | Microsoft Outlook SMB Attachment Handling Arbitrary Program Execution |
60397 | Microsoft Outlook HTML Email CODEBASE Parameter Arbitrary Program Execution |
59500 | Microsoft IE HTML Parser (MSHTML.DLL) Browser Window Object Handling DoS |
47004 | Microsoft Crypto API S/MIME X.509 Certificate CRL Check Remote Information Di... |
46931 | Microsoft Outlook/Express Unspecified URI Handling Arbitrary Command Injection |
34830 | Microsoft Outlook Recipient ActiveX (ole32.dll) Crafted HTML DoS |
31901 | Microsoft Office Unspecified String Handling Arbitrary Code Execution |
31254 | Microsoft Outlook Advanced Find .oss File Handling Remote Code Execution |
31253 | Microsoft Outlook E-mail Header Processing Unspecified DoS |
31252 | Microsoft Outlook VEVENT Record Handling Remote Code Execution |
29448 | Microsoft PowerPoint Crafted File Unspecified Code Execution |
28946 | Microsoft IE Vector Markup Language (VML) Arbitrary Code Execution |
25003 | Microsoft Office mailto: Arbitrary File Access |
22305 | Microsoft Outlook/Exchange TNEF Decoding Arbitrary Code Execution |
15480 | Microsoft Outlook From Header Comma Parsing Failure |
11945 | Microsoft Outlook 2002 IFRAME Tag Embedded URL |
11944 | Microsoft Outlook 2002 HREF Tag Embedded JavaScript Execution |
11938 | Microsoft Outlook Express Attachment Filename Overflow |
11935 | Microsoft Multiple Mail Client Read/Delivery Receipt Tag DoS |
11424 | Microsoft Outlook V1 Exchange Server Security Certificate Cleartext Transmission |
11423 | Microsoft Outlook Malformed Header DoS |
11420 | Microsoft Outlook WMP .wms File IFRAME Command Execution |
11417 | Microsoft Outlook/Express VCard Handler Remote Overflow |
11416 | Microsoft Outlook/Express Blank Header DoS |
OpenVAS Exploits
id | Description |
---|---|
2011-10-14 | Name : Microsoft Windows SMB/NETBIOS NULL Session Authentication Bypass Vulnerability File : nvt/gb_ms_windows_smb_share_passwd_null_sec_bypass_vuln.nasl |
2010-09-15 | Name : Microsoft Outlook TNEF Remote Code Execution Vulnerability (2315011) File : nvt/secpod_ms10-064.nasl |
2010-07-14 | Name : Microsoft Outlook SMB Attachment Remote Code Execution Vulnerability (978212) File : nvt/secpod_ms10-045.nasl |
2009-03-15 | Name : Microsoft MS04-017 security check File : nvt/remote-MS04-017.nasl |
2005-11-03 | Name : IE 5.01 5.5 6.0 Cumulative patch (890923) File : nvt/smb_nt_ms02-005.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2013-A-0216 | Microsoft Office Outlook Information Disclosure Vulnerability Severity: Category II - VMSKEY: V0042295 |
2013-A-0173 | Microsoft Outlook Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0040293 |
2010-A-0093 | Microsoft Office Outlook Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0024852 |
2006-A-0003 | Microsoft Outlook and Exchange TNEF Decoding Vulnerability Severity: Category I - VMSKEY: V0011719 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Microsoft Office Outlook Saved Search download attempt RuleID : 9847 - Type : FILE-OFFICE - Revision : 14 |
2014-01-10 | Microsoft Office Outlook VEVENT overflow attempt RuleID : 9841 - Type : SERVER-MAIL - Revision : 18 |
2014-01-10 | Outlook View OVCtl ActiveX clsid unicode access RuleID : 9819 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | Outlook Recipient Control ActiveX function call access RuleID : 9670 - Type : BROWSER-PLUGINS - Revision : 9 |
2014-01-10 | Outlook Recipient Control ActiveX clsid unicode access RuleID : 9669 - Type : WEB-ACTIVEX - Revision : 6 |
2014-01-10 | Outlook Recipient Control ActiveX clsid access RuleID : 9668 - Type : BROWSER-PLUGINS - Revision : 11 |
2014-01-10 | Microsoft Office Outlook View OVCtl ActiveX clsid access RuleID : 8422 - Type : BROWSER-PLUGINS - Revision : 16 |
2014-01-10 | Microsoft Windows Vector Markup Language fill method overflow attempt RuleID : 8416 - Type : OS-WINDOWS - Revision : 20 |
2014-01-10 | Microsoft Windows Scripting Host Shell ActiveX function call access RuleID : 8068 - Type : BROWSER-PLUGINS - Revision : 17 |
2014-01-10 | Microsoft Forms 2.0 ComboBox ActiveX CLSID unicode access RuleID : 7955 - Type : WEB-ACTIVEX - Revision : 7 |
2014-01-10 | Microsoft Forms 2.0 ComboBox ActiveX clsid access RuleID : 7954 - Type : BROWSER-PLUGINS - Revision : 12 |
2020-12-01 | Microsoft Office Outlook email parsing remote code execution attempt RuleID : 56157 - Type : FILE-OFFICE - Revision : 1 |
2020-12-01 | Microsoft Office Outlook email parsing remote code execution attempt RuleID : 56156 - Type : FILE-OFFICE - Revision : 1 |
2019-09-19 | Microsoft Outlook for Android stored cross-site script attempt RuleID : 51103 - Type : OS-MOBILE - Revision : 1 |
2019-09-19 | Microsoft Outlook for Android stored cross-site script attempt RuleID : 51102 - Type : OS-MOBILE - Revision : 1 |
2018-12-14 | Microsoft Office Outlook rwz file memory corruption attempt RuleID : 48408 - Type : FILE-OFFICE - Revision : 2 |
2018-12-14 | Microsoft Office Outlook rwz file memory corruption attempt RuleID : 48407 - Type : FILE-OFFICE - Revision : 2 |
2018-12-14 | Microsoft Office Outlook rwz file memory corruption attempt RuleID : 48406 - Type : FILE-OFFICE - Revision : 3 |
2018-12-14 | Microsoft Office Outlook rwz file memory corruption attempt RuleID : 48405 - Type : FILE-OFFICE - Revision : 3 |
2018-12-14 | Microsoft Outlook email rules file memory corruption attempt RuleID : 48404 - Type : FILE-OFFICE - Revision : 3 |
2018-12-14 | Microsoft Outlook email rules file memory corruption attempt RuleID : 48403 - Type : FILE-OFFICE - Revision : 3 |
2017-11-28 | Microsoft Office Outlook SMB attach by reference code execution attempt RuleID : 44670 - Type : FILE-OFFICE - Revision : 1 |
2017-11-28 | Microsoft Office Outlook SMB attach by reference code execution attempt RuleID : 44669 - Type : FILE-OFFICE - Revision : 1 |
2017-05-09 | Microsoft Office custom message class security bypass attempt RuleID : 42168 - Type : FILE-OFFICE - Revision : 2 |
2017-05-09 | Microsoft Office custom message class security bypass attempt RuleID : 42167 - Type : FILE-OFFICE - Revision : 2 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-77fe2e20ad.nasl - Type: ACT_GATHER_INFO |
2018-05-29 | Name: The remote Fedora host is missing a security update. File: fedora_2018-6020628437.nasl - Type: ACT_GATHER_INFO |
2018-05-29 | Name: The remote Fedora host is missing a security update. File: fedora_2018-25525a9346.nasl - Type: ACT_GATHER_INFO |
2017-10-10 | Name: The version of Outlook installed on the remote host is affected by multiple v... File: smb_nt_ms17_oct_outlook.nasl - Type: ACT_GATHER_INFO |
2017-09-25 | Name: The version of Outlook installed on the remote host is affected by multiple v... File: smb_nt_ms17_sep_outlook.nasl - Type: ACT_GATHER_INFO |
2017-07-28 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms17_jul_outlook.nasl - Type: ACT_GATHER_INFO |
2017-06-14 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms17_jun_office.nasl - Type: ACT_GATHER_INFO |
2017-06-13 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macosx_ms17_june_office.nasl - Type: ACT_GATHER_INFO |
2017-04-12 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms17_apr_office.nasl - Type: ACT_GATHER_INFO |
2017-04-12 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macosx_ms17_apr_office.nasl - Type: ACT_GATHER_INFO |
2016-09-14 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: smb_nt_ms16-107.nasl - Type: ACT_GATHER_INFO |
2016-07-12 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms16-088.nasl - Type: ACT_GATHER_INFO |
2013-11-13 | Name: The version of Microsoft Outlook installed on the remote Windows host is affe... File: smb_nt_ms13-094.nasl - Type: ACT_GATHER_INFO |
2013-09-11 | Name: The version of Microsoft Office installed on the remote Windows is affected b... File: smb_nt_ms13-068.nasl - Type: ACT_GATHER_INFO |
2010-09-14 | Name: The version of Microsoft Office installed on the remote Windows host has a co... File: smb_nt_ms10-064.nasl - Type: ACT_GATHER_INFO |
2010-07-13 | Name: The version of Microsoft Office installed on the remote Windows host has a co... File: smb_nt_ms10-045.nasl - Type: ACT_GATHER_INFO |
2009-11-06 | Name: It is possible to access a network share. File: smb_accessible_shares_unpriv.nasl - Type: ACT_GATHER_INFO |
2007-10-04 | Name: It is possible to log into the remote Windows host with a NULL session. File: smb_null_session.nasl - Type: ACT_GATHER_INFO |
2007-02-13 | Name: Arbitrary code can be executed on the remote host through Microsoft Office. File: smb_nt_ms07-015.nasl - Type: ACT_GATHER_INFO |
2007-02-13 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms_office_feb2006.nasl - Type: ACT_GATHER_INFO |
2007-01-09 | Name: Arbitrary code can be executed on the remote host through the email client. File: smb_nt_ms07-003.nasl - Type: ACT_GATHER_INFO |
2006-10-11 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms_office_oct2006.nasl - Type: ACT_GATHER_INFO |
2006-10-10 | Name: Arbitrary code can be executed on the remote host through Microsoft PowerPoint. File: smb_nt_ms06-058.nasl - Type: ACT_GATHER_INFO |
2006-09-26 | Name: Arbitrary code can be executed on the remote host through the email client or... File: smb_nt_ms06-055.nasl - Type: ACT_GATHER_INFO |
2006-01-10 | Name: Arbitrary code can be executed on the remote host through the email client or... File: smb_nt_ms06-003.nasl - Type: ACT_GATHER_INFO |