12 matches found
CVE-2019-1084
An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain...
Security Updates for Microsoft Office (July 2019) (macOS)
The Microsoft Office application installed on the remote macOS or Mac OS X host is missing a security update. It is, therefore, affected by multiple vulnerabilities: - An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable...
CVE-2019-1084
An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain...
CVE-2019-1084
CVE-2019-1084 affects Microsoft Exchange (display name creation with non-printable characters) leading to information disclosure. Root cause: display names with invalid characters bypass visibility controls and can be added to conversations; impact is partial confidentiality exposure per CVSS dat...
Security Updates for Microsoft Skype for Business and Microsoft Lync (July 2019)
The Microsoft Skype for Business or Microsoft Lync installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability : - An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having...
Description of the security update for Outlook 2010: July 9, 2019
Description of the security update for Outlook 2010: July 9, 2019 Summary This security update resolves an information disclosure vulnerability that exists if Microsoft Exchange allows the creation of entities that have Display Names that contain non-printable characters. To learn more about the...
Description of the security update for Outlook 2013: July 9, 2019
Description of the security update for Outlook 2013: July 9, 2019 Summary This security update resolves an information disclosure vulnerability that exists if Microsoft Exchange allows entities to be created even though they have Display Names that contain non-printable characters.. To learn more...
Description of the security update for Microsoft Exchange Server 2010: July 9, 2019
Description of the security update for Microsoft Exchange Server 2010: July 9, 2019 This update rollup is a security update that provides a security advisory in Microsoft Exchange. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures CVE: CVE-2019-1084...
KLA11518 Multiple vulnerabilities in Microsoft Exchange Server
Multiple vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Microsoft Exchange Server can be...
KLA11820 Multiple vulnerabilities in Microsoft Apps
Multiple vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to obtain sensitive information. Below is a complete list of vulnerabilities: 1. An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely via special...
KLA11512 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, spoof user interface. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Excel can be...
Security Updates for Exchange (July 2019)
The Microsoft Exchange Server installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A cross-site-scripting XSS vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affect...