Home

CVE-2017-8571

Description

Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Microsoft Office allows a security feature bypass vulnerability due to the way that it handles input, aka Microsoft Office Outlook Security Feature Bypass Vulnerability.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
14.406

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Outlook Information Disclosure Vulnerability for Microsoft Outlook 2010 (KB2956078) 64-Bit EditionWindows
Microsoft Outlook Information Disclosure Vulnerability for Microsoft Outlook 2010 (KB2956078) 32-Bit EditionWindows
Microsoft Outlook Information Disclosure Vulnerability for Microsoft Outlook 2013 (KB4011078) 64-Bit EditionWindows
Microsoft Outlook Information Disclosure Vulnerability for Microsoft Outlook 2013 (KB4011078) 32-Bit EditionWindows
Microsoft Outlook Information Disclosure Vulnerability for Microsoft Office Outlook 2007 (KB3213643)Windows
Microsoft Outlook Information Disclosure Vulnerability for Microsoft Outlook 2016 (KB4011052) 64-Bit EditionWindows
Microsoft Outlook Information Disclosure Vulnerability for Microsoft Outlook 2016 (KB4011052) 32-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-22858Security Update for Microsoft Outlook 2010 (KB2956078) 64-Bit Edition
PATCH-22857Security Update for Microsoft Outlook 2010 (KB2956078) 32-Bit Edition
PATCH-22860Security Update for Microsoft Outlook 2013 (KB4011078) 64-Bit Edition
PATCH-22859Security Update for Microsoft Outlook 2013 (KB4011078) 32-Bit Edition
PATCH-22861Security Update for Microsoft Office Outlook 2007 (KB3213643)
PATCH-22856Security Update for Microsoft Outlook 2016 (KB4011052) 64-Bit Edition
PATCH-22855Security Update for Microsoft Outlook 2016 (KB4011052) 32-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234