VYPR

Outlook

by Microsoft

CVEs (139)

  • CVE-2023-33153MedJul 11, 2023
    risk 0.44cvss 6.8epss 0.01

    Microsoft Outlook Remote Code Execution Vulnerability

  • CVE-2016-3366MedSep 14, 2016
    risk 0.44cvss 6.5epss 0.16

    Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, and Outlook 2016 for Mac do not properly implement RFC 2046, which allows remote attackers to bypass virus or spam detection via crafted MIME data in an e-mail attachment, aka…

  • CVE-2018-8244MedJun 14, 2018
    risk 0.43cvss 6.5epss 0.05

    An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook.

  • CVE-2018-8160MedMay 9, 2018
    risk 0.43cvss 6.5epss 0.08

    An information disclosure vulnerability exists in Outlook when a message is opened, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Word, Microsoft Office.

  • CVE-2018-8150MedMay 9, 2018
    risk 0.43cvss 6.5epss 0.05

    A security feature bypass vulnerability exists when the Microsoft Outlook attachment block filter does not properly handle attachments, aka "Microsoft Outlook Security Feature Bypass Vulnerability." This affects Microsoft Office.

  • CVE-2018-0850MedFeb 15, 2018
    risk 0.43cvss 6.5epss 0.05

    Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka "Microsoft Outlook Elevation of…

  • CVE-2017-8545MedJun 15, 2017
    risk 0.43cvss 6.5epss 0.05

    A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka "Microsoft Outlook for Mac Spoofing Vulnerability".

  • CVE-2017-0207MedApr 12, 2017
    risk 0.43cvss 6.5epss 0.10

    Microsoft Outlook for Mac 2011 allows remote attackers to spoof web content via a crafted email with specific HTML tags, aka "Microsoft Browser Spoofing Vulnerability."

  • CVE-2023-33151MedJul 11, 2023
    risk 0.42cvss 6.5epss 0.03

    Microsoft Outlook Spoofing Vulnerability

  • CVE-2017-8572MedAug 1, 2017
    risk 0.37cvss 5.5epss 0.13

    Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows an information disclosure vulnerability due to the way that it discloses the contents of its memory, aka "Microsoft Office Outlook…

  • CVE-2017-0204MedApr 12, 2017
    risk 0.37cvss 5.5epss 0.19

    Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to bypass the Office Protected View via a specially crafted document, aka "Microsoft Office Security Feature Bypass Vulnerability."

  • CVE-2017-8508MedJun 15, 2017
    risk 0.36cvss 5.5epss 0.04

    A security feature bypass vulnerability exists in Microsoft Office software when it improperly handles the parsing of file formats, aka "Microsoft Office Security Feature Bypass Vulnerability".

  • CVE-2024-21413KEVFeb 13, 2024
    risk 0.19cvss epss 0.95

    Microsoft Outlook Remote Code Execution Vulnerability

  • CVE-2023-23397KEVMar 14, 2023
    risk 0.19cvss epss 0.97

    Microsoft Outlook Elevation of Privilege Vulnerability

  • CVE-2023-35311KEVJul 11, 2023
    risk 0.12cvss epss 0.15

    Microsoft Outlook Security Feature Bypass Vulnerability

  • CVE-2004-0204Aug 6, 2004
    risk 0.09cvss epss 0.73

    Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows…

  • CVE-2006-4868Sep 19, 2006
    risk 0.08cvss epss 0.62

    Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a…

  • CVE-2010-0266Jul 15, 2010
    risk 0.07cvss epss 0.55

    Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka…

  • CVE-2004-0200Sep 28, 2004
    risk 0.07cvss epss 0.49

    Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length…

  • CVE-2004-0121Apr 15, 2004
    risk 0.07cvss epss 0.48

    Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs.

Page 2 of 7