VYPR
Unrated severityNVD Advisory· Published Sep 11, 2013· Updated Jun 16, 2026

CVE-2013-3870

CVE-2013-3870

Description

Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Microsoft/Outlook6 versions
    cpe:2.3:a:microsoft:outlook:2007:sp3:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:microsoft:outlook:2007:sp3:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:outlook:2010:sp1:*:*:*:*:x64:*
    • cpe:2.3:a:microsoft:outlook:2010:sp1:*:*:*:x86:*:*
    • cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:x64:*
    • cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:x86:*:*
    • (no CPE)range: 2007 SP3, 2010 SP1, 2010 SP2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.