Filtered by vendor Microsoft
Subscriptions
Filtered by product Outlook
Subscriptions
Total
119 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-8508 | 1 Microsoft | 1 Outlook | 2025-04-20 | N/A |
| A security feature bypass vulnerability exists in Microsoft Office software when it improperly handles the parsing of file formats, aka "Microsoft Office Security Feature Bypass Vulnerability". | ||||
| CVE-2017-8572 | 1 Microsoft | 1 Outlook | 2025-04-20 | N/A |
| Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows an information disclosure vulnerability due to the way that it discloses the contents of its memory, aka "Microsoft Office Outlook Information Disclosure Vulnerability". | ||||
| CVE-2017-8507 | 1 Microsoft | 1 Outlook | 2025-04-20 | N/A |
| A remote code execution vulnerability exists in the way Microsoft Office software parses specially crafted email messages, aka "Microsoft Office Memory Corruption Vulnerability". | ||||
| CVE-2017-0207 | 1 Microsoft | 1 Outlook | 2025-04-20 | N/A |
| Microsoft Outlook for Mac 2011 allows remote attackers to spoof web content via a crafted email with specific HTML tags, aka "Microsoft Browser Spoofing Vulnerability." | ||||
| CVE-2017-8545 | 1 Microsoft | 1 Outlook | 2025-04-20 | N/A |
| A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka "Microsoft Outlook for Mac Spoofing Vulnerability". | ||||
| CVE-2017-0106 | 1 Microsoft | 1 Outlook | 2025-04-20 | N/A |
| Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2017-8571 | 1 Microsoft | 1 Outlook | 2025-04-20 | N/A |
| Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a security feature bypass vulnerability due to the way that it handles input, aka "Microsoft Office Outlook Security Feature Bypass Vulnerability". | ||||
| CVE-2017-8506 | 1 Microsoft | 1 Outlook | 2025-04-20 | N/A |
| A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-0260. | ||||
| CVE-2017-8663 | 1 Microsoft | 1 Outlook | 2025-04-20 | N/A |
| Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a remote code execution vulnerability due to the way Microsoft Outlook parses specially crafted email messages, aka "Microsoft Office Outlook Memory Corruption Vulnerability" | ||||
| CVE-2016-3366 | 1 Microsoft | 1 Outlook | 2025-04-12 | N/A |
| Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, and Outlook 2016 for Mac do not properly implement RFC 2046, which allows remote attackers to bypass virus or spam detection via crafted MIME data in an e-mail attachment, aka "Microsoft Office Spoofing Vulnerability." | ||||
| CVE-2016-3278 | 1 Microsoft | 2 Outlook, Outlook Rt | 2025-04-12 | N/A |
| Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||||
| CVE-2010-2728 | 1 Microsoft | 1 Outlook | 2025-04-11 | N/A |
| Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, and 2007 SP2, when Online Mode for an Exchange Server is enabled, allows remote attackers to execute arbitrary code via a crafted e-mail message, aka "Heap Based Buffer Overflow in Outlook Vulnerability." | ||||
| CVE-2010-0266 | 1 Microsoft | 2 Office, Outlook | 2025-04-11 | N/A |
| Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka "Microsoft Outlook SMB Attachment Vulnerability." | ||||
| CVE-2013-3905 | 1 Microsoft | 1 Outlook | 2025-04-11 | N/A |
| Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote attackers to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, aka "S/MIME AIA Vulnerability." | ||||
| CVE-2013-3870 | 1 Microsoft | 1 Outlook | 2025-04-11 | N/A |
| Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability." | ||||
| CVE-2008-3068 | 1 Microsoft | 17 Access, Excel, Frontpage and 14 more | 2025-04-09 | N/A |
| Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension. | ||||
| CVE-2007-0671 | 1 Microsoft | 14 Access, Excel, Excel Viewer and 11 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. | ||||
| CVE-2007-0034 | 1 Microsoft | 2 Office, Outlook | 2025-04-09 | N/A |
| Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability." | ||||
| CVE-2007-0033 | 1 Microsoft | 2 Office, Outlook | 2025-04-09 | N/A |
| Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file. | ||||
| CVE-2006-3877 | 1 Microsoft | 14 Access, Excel, Excel Viewer and 11 more | 2025-04-09 | N/A |
| Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. | ||||