46 matches found
HCL Traveler for Microsoft Outlook 安全漏洞
HCL Traveler for Microsoft Outlook is a software component in Microsoft Outlook from HCL India. A security vulnerability exists in HCL Traveler for Microsoft Outlook that stems from credential disclosure and could lead to an attacker accessing other computers or applications...
CVE-2024-42191
HCL Traveler for Microsoft Outlook HTMO is susceptible to a COM hijacking vulnerability which could allow an attacker to modify or replace the application with malicious content...
Security Updates for Outlook C2R (May 2025)
The Microsoft Outlook application installed on the remote host is missing a security update. It is, therefore, affected by a remote code execution vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...
Security Updates for Outlook (August 2024)
The Microsoft Outlook application installed on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...
Outlook Hack: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge tokens and access Outlook by compromising an engineer's corporate account. This enabled the adversary to access a debugging environment that contained informatio...
CVE-2023-35311 Microsoft Outlook Security Feature Bypass Vulnerability
...
Microsoft Outlook Elevation of Privilege Vulnerability
...
Description of the security update for Outlook 2016: April 14, 2020
Description of the security update for Outlook 2016: April 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists if Microsoft Office incorrectly loads arbitrary type libraries. To learn more about the vulnerability, see Microsoft Common Vulnerabilities a...
Microsoft Office Compatibility Pack Service Pack 3 Information Disclosure Vulnerability (KB4018308)
This host is missing an important security update according to Microsoft KB4018308 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
Description of the security update for Outlook 2010: June 13, 2017
Description of the security update for Outlook 2010: June 13, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...
MS15-110: Description of the security update for Office 2016 for Mac: October 13, 2015
MS15-110: Description of the security update for Office 2016 for Mac: October 13, 2015 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
Android Outlook App Could Expose Emails, Attachments
There are two issues with the way Microsoft’s Outlook application encrypts content on older versions of Android that could expose users’ emails and email attachments. Paolo Soto, a researcher with the security firm Include Security, said his team initially dug up the vulnerabilities in November...
OutlookMuteX.txt
' Recent versions of Outlook, as well as a released patch, ' make Outlook prompt the user whenever a remote appliction ' tries to access specific contact information in the Outlook ' Contact database. The user can then decide to allow or not ' allow the application to get that access. ' ' Microso...
OUTLOOK 2003: OuchLook
Sunday, May 09, 2004 Outlook 2003 the premier mail client from the company called 'Microsoft' certainly appears to have a lot of security features built into it. Curosry examination shows excellent thought into 'spam' containment, 'security' consideration and many other little 'things'. However...
Outlook/Outlook Express NULL character DoS
Client hangs on POP3 receiving if message contains NULL character...
MS-Windows ME IE/Outlook/HelpCenter critical vulnerability
-- Summary -- From the Microsoft Security Bulletin MS03-006: " A security vulnerability is present in the Windows Me version of Help and Support Center .... An attacker could exploit the vulnerability by constructing a URL that, when clicked on by the user, would execute code of the attacker's...
Microsoft Outlook2000Express 6.0 - Arbitrary Program Execution
Microsoft Outlook2000Express 6.0 - Arbitrary Program Execution source: https://www.securityfocus.com/bid/6923/info Microsoft Outlook and Outlook Express may execute arbitrary programs through objects embedded in HTML email messages. When an email message or newsgroup message is viewed using...
Vulnerabilities in Microsoft's Java implementation
OVERVIEW ======== Microsoft Internet Explorer comes with Java virtual machine and accompanying class packages. Multiple security vulnerabilities have been found in the Java environment. Some of these allow an attacker to deliver and run arbitrary code on the Internet Explorer or Outlook user's...
How Outlook 2002 can still execute JavaScript in an HTML email message
Hello, Windows Media Player WMP reintroduces the ability to automatically execute JavaScript code from an HTML email message in Outlook 2002. JavaScript is disabled by default in Outlook 2002, because it can facilitate the creation of worms and other malicious code which is carried by HTML email...
Vulnerability in IE/Outlook ActiveX control
-----BEGIN PGP SIGNED MESSAGE----- Microsoft alerted me to a new vulnerability discovered by Georgi Guninski and now posted publicly. The vulnerability involves an ActiveX control that is installed by a variety of software, including Office/Outlook XP. The control exposes a method which should no...