44 results (0.011 seconds)

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

Microsoft Outlook Spoofing Vulnerability • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36893 • CWE-20: Improper Input Validation •

CVSS: 8.8EPSS: 75%CPEs: 6EXPL: 0

Microsoft Outlook Security Feature Bypass Vulnerability Microsoft Outlook contains a security feature bypass vulnerability that allows an attacker to bypass the Microsoft Outlook Security Notice prompt. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35311 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 8.8EPSS: 16%CPEs: 9EXPL: 1

Microsoft Outlook Remote Code Execution Vulnerability Microsoft Outlook suffers from a remote code execution via a maliciously crafted word file. • https://www.exploit-db.com/exploits/51574 http://packetstormsecurity.com/files/173361/Microsoft-365-MSO-2306-Build-16.0.16529.20100-Remote-Code-Execution.html https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33131 •

CVSS: 9.8EPSS: 90%CPEs: 6EXPL: 25

Microsoft Outlook Elevation of Privilege Vulnerability Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user. • https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY https://github.com/ahmedkhlief/CVE-2023-23397-POC https://github.com/ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook https://github.com/Pushkarup/CVE-2023-23397 https://github.com/Cyb3rMaddy/CVE-2023-23397-Report https://github.com/api0cradle/CVE-2023-23397-POC-Powershell https://github.com/Trackflaw/CVE-2023-23397 https://github.com/ka7ana/CVE-2023-23397 https://github.com/tiepologian/CVE-2023-23397 https://gith • CWE-20: Improper Input Validation CWE-294: Authentication Bypass by Capture-replay •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0

Microsoft Outlook Denial of Service Vulnerability Vulnerabilidad de denegación de servicios encontrada en Microsoft Outlook. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Outlook. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of MIME headers. Crafted MIME headers within an email message can cause Outlook to release an invalid pointer. An attacker can leverage this vulnerability to create a persistent denial-of-service condition on the Microsoft Outlook application. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35742 •