Lucene search

K
cve[email protected]CVE-2020-1349
HistoryJul 14, 2020 - 11:15 p.m.

CVE-2020-1349

2020-07-1423:15:13
web.nvd.nist.gov
97
2
cve-2020-1349
microsoft outlook
software
remote code execution
memory handling
nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.1%

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka ‘Microsoft Outlook Remote Code Execution Vulnerability’.

Affected configurations

Vulners
NVD
Node
microsoft365_apps
OR
microsoft365_apps
OR
microsoftoffice
OR
microsoftoffice
OR
microsoftoutlook
OR
microsoftoutlook
OR
microsoftoutlook
OR
microsoftoutlook
OR
microsoftoutlook
OR
microsoftoutlook
OR
microsoftoutlook
VendorProductVersionCPE
microsoft365_apps*cpe:2.3:a:microsoft:365_apps:*:*:*:*:*:*:*:*
microsoft365_apps*cpe:2.3:a:microsoft:365_apps:*:*:*:*:*:*:*:*
microsoftoffice*cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*
microsoftoffice*cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*
microsoftoutlook*cpe:2.3:a:microsoft:outlook:*:*:*:*:*:*:*:*
microsoftoutlook*cpe:2.3:a:microsoft:outlook:*:*:*:*:*:*:*:*
microsoftoutlook*cpe:2.3:a:microsoft:outlook:*:*:*:*:*:*:*:*
microsoftoutlook*cpe:2.3:a:microsoft:outlook:*:*:*:*:*:*:*:*
microsoftoutlook*cpe:2.3:a:microsoft:outlook:*:*:*:*:*:*:*:*
microsoftoutlook*cpe:2.3:a:microsoft:outlook:*:*:*:*:*:*:*:*
Rows per page:
1-10 of 111

CNA Affected

[
  {
    "vendor": "Microsoft",
    "product": "Microsoft 365 Apps for Enterprise for 32-bit Systems",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft 365 Apps for Enterprise for 64-bit Systems",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Office",
    "versions": [
      {
        "version": "2019 for 32-bit editions",
        "status": "affected"
      },
      {
        "version": "2019 for 64-bit editions",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "Microsoft",
    "product": "Microsoft Outlook",
    "versions": [
      {
        "version": "2016 (32-bit edition)",
        "status": "affected"
      },
      {
        "version": "2016 (64-bit edition)",
        "status": "affected"
      },
      {
        "version": "2013 Service Pack 1 (32-bit editions)",
        "status": "affected"
      },
      {
        "version": "2013 Service Pack 1 (64-bit editions)",
        "status": "affected"
      },
      {
        "version": "2010 Service Pack 2 (32-bit editions)",
        "status": "affected"
      },
      {
        "version": "2010 Service Pack 2 (64-bit editions)",
        "status": "affected"
      },
      {
        "version": "2013 RT Service Pack 1",
        "status": "affected"
      }
    ]
  }
]

Social References

More

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.025 Low

EPSS

Percentile

90.1%