VYPR
Unrated severityNVD Advisory· Published Oct 16, 2020· Updated Aug 4, 2024

Microsoft Outlook Denial of Service Vulnerability

CVE-2020-16949

Description

A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server. The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.

Affected products

6
  • cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*
    Range: 16.0.1
  • cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
    Range: 19.0.0
  • Microsoft/Outlookv54 versions
    cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*range: 13.0.0.0
    • cpe:2.3:a:microsoft:outlook:2013:*:*:*:*:x86:*:*range: 15.0.0.0
    • cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:x86:*:*range: 16.0.0.0
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.