Outlook Security Vulnerabilities and Issues — Outlook CVE List

Lucene search

MicrosoftOutlook

7 matches found

CVE•added 2019/07/15 7:15 p.m.•253 views

CVE-2019-1084

An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisib...

6.5CVSS5.3AI score0.07824EPSS

CVE•added 2019/01/08 9:29 p.m.•94 views

CVE-2019-0559

An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.

6.5CVSS5.9AI score0.25751EPSS

CVE•added 2019/01/08 9:29 p.m.•93 views

CVE-2019-0560

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office.

5.5CVSS5.1AI score0.26918EPSS

CVE•added 2019/08/14 9:15 p.m.•87 views

CVE-2019-1200

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the...

9.3CVSS7.7AI score0.07373EPSS

CVE•added 2019/07/29 2:15 p.m.•82 views

CVE-2019-1105

A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim.The attacker who successfully exploited this vulnerability...

5.4CVSS5AI score0.00528EPSS

CVE•added 2019/08/14 9:15 p.m.•76 views

CVE-2019-1218

A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim.The attacker who successfully exploited this vulnerability could t...

5.4CVSS4.8AI score0.08981EPSS

CVE•added 2019/08/14 9:15 p.m.•75 views

CVE-2019-1204

An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message ...

4.3CVSS5.5AI score0.08582EPSS