Home

CVE-2016-3366

Description

Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, and Outlook 2016 for Mac do not properly implement RFC 2046, which allows remote attackers to bypass virus or spam detection via crafted MIME data in an e-mail attachment, aka Microsoft Office Spoofing Vulnerability.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
10.418

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Outlook Spoofing Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB3115169)Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft SharePoint Enterprise Server 2013 (KB3054862)Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2013 (KB3118268) 64-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2013 (KB3118268) 32-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2007 suites (KB3118300)Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2016 (KB3118292) 64-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2016 (KB3118292) 32-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2010 (KB3118309) 64-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2010 (KB3118309) 32-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2010 (KB2553432) 64-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office 2010 (KB2553432) 32-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Office 2003 (KB3118297)Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft SharePoint Server 2010 (KB3115119)Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office Compatibility Pack Service Pack 3 (KB3115462)Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2010 (KB3118316) 64-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2010 (KB3118316) 32-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2016 (KB3118290) 64-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2016 (KB3118290) 32-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office Excel Viewer 2007 (KB3115463)Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2013 (KB3118284) 64-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Excel 2013 (KB3118284) 32-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office Excel 2007 (KB3115459)Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Office Outlook 2007 (KB3118303)Windows
Microsoft Outlook Spoofing Vulnerability for Microsoft Outlook 2013 (KB3118280) 32-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Outlook 2013 (KB3118280) 64-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Outlook 2016 (KB3118293) 32-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Outlook 2016 (KB3118293) 64-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Outlook 2010 (KB3118313) 32-Bit EditionWindows
Microsoft Outlook Spoofing Vulnerability for Microsoft Outlook 2010 (KB3118313) 64-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-21428Security Update for Microsoft SharePoint Enterprise Server 2013 (KB3115169)
PATCH-21409Security Update for Microsoft Office 2013 (KB3118268) 64-Bit Edition
PATCH-21408Security Update for Microsoft Office 2013 (KB3118268) 32-Bit Edition
PATCH-21417Security Update for Microsoft Office 2016 (KB3118292) 64-Bit Edition
PATCH-21416Security Update for Microsoft Office 2016 (KB3118292) 32-Bit Edition
PATCH-21401Security Update for Microsoft Office 2010 (KB2553432) 64-Bit Edition
PATCH-21400Security Update for Microsoft Office 2010 (KB2553432) 32-Bit Edition
PATCH-21424Security Update for Office 2003 (KB3118297)
PATCH-21423Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3115462)
PATCH-21403Security Update for Microsoft Excel 2010 (KB3118316) 64-Bit Edition
PATCH-21402Security Update for Microsoft Excel 2010 (KB3118316) 32-Bit Edition
PATCH-21419Security Update for Microsoft Excel 2016 (KB3118290) 64-Bit Edition
PATCH-21418Security Update for Microsoft Excel 2016 (KB3118290) 32-Bit Edition
PATCH-21426Security Update for Microsoft Office Excel Viewer 2007 (KB3115463)
PATCH-21411Security Update for Microsoft Excel 2013 (KB3118284) 64-Bit Edition
PATCH-21410Security Update for Microsoft Excel 2013 (KB3118284) 32-Bit Edition
PATCH-21395Security Update for Microsoft Office Excel 2007 (KB3115459)
PATCH-21396Security Update for Microsoft Office Outlook 2007 (KB3118303)
PATCH-21412Security Update for Microsoft Outlook 2013 (KB3118280) 32-Bit Edition
PATCH-21413Security Update for Microsoft Outlook 2013 (KB3118280) 64-Bit Edition
PATCH-21420Security Update for Microsoft Outlook 2016 (KB3118293) 32-Bit Edition
PATCH-21421Security Update for Microsoft Outlook 2016 (KB3118293) 64-Bit Edition
PATCH-21404Security Update for Microsoft Outlook 2010 (KB3118313) 32-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234