Lucene search
+L

7 matches found

thn
thn
added 2024/01/29 1:31 p.m.66 views

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

A now-patched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager NTLM v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE-2023-35636 CVSS score: 6.5, was addressed by the tech giant as part of its Patch Tuesday updates...

6.5CVSS6.3AI score0.17559EPSS
Exploits1
ncsc
ncsc
added 2023/12/13 12:0 a.m.6 views

Vulnerabilities fixed in Microsoft Office

Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to impersonate another user or gain access to sensitive data, potentially including full access to the local file system. Successful exploitation requires the malicious party to tri...

6.5CVSS6.4AI score0.17559EPSS
Exploits1
talosblog
talosblog
added 2023/12/12 7:45 p.m.42 views

Microsoft releases lightest Patch Tuesday in three years, no zero-days disclosed

Microsofts monthly security update released Tuesday is the companys lightest in four years, including only 33 vulnerabilities. Perhaps more notable is that there are no zero-day vulnerabilities included in Decembers Patch Tuesday, a rarity for Microsoft this year. The companys regular set of...

5.8CVSS9.7AI score0.92817EPSS
Exploits1
nvd
nvd
added 2023/12/12 6:15 p.m.25 views

CVE-2023-35636

Microsoft Outlook Information Disclosure Vulnerability...

6.5CVSS0.17559EPSS
Exploits1References1
cvelist
cvelist
added 2023/12/12 6:10 p.m.45 views

CVE-2023-35636 Microsoft Outlook Information Disclosure Vulnerability

...

6.5CVSS6.6AI score0.17559EPSS
Exploits1References1
cve
cve
added 2023/12/12 6:10 p.m.139 views

CVE-2023-35636

CVE-2023-35636 is an information-disclosure vulnerability in Microsoft Outlook. The issue involves the calendar sharing feature where sending a crafted email with two headers could cause Outlook to disclose data, including NTLMv2 password hashes, to an attacker-controlled responder. Public detail...

6.5CVSS6.5AI score0.17559EPSS
Exploits1References1Affected Software3
nessus
nessus
added 2023/12/12 12:0 a.m.31 views

Security Updates for Outlook (December 2023)

The Microsoft Outlook application installed on the remote host is missing a security update. It is, therefore, affected by an information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. Note that Nessus has not tested for this issue but has...

6.5CVSS8AI score0.17559EPSS
Exploits1References2
Rows per page
Query Builder