Home

CVE-2018-0791

Description

Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 allow a remote code execution vulnerability due to the way email messages are parsed, aka Microsoft Outlook Remote Code Execution Vulnerability. This CVE is unique from CVE-2018-0793.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
35.569

Associated Vulnerability

VulnerabilityOS Platform
Microsoft Office Remote Code Execution Vulnerability for Microsoft Office Outlook 2007 (KB4011213)Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Outlook 2016 (KB4011626) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Outlook 2016 (KB4011626) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Outlook 2010 (KB4011273) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Outlook 2010 (KB4011273) 32-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Outlook 2013 (KB4011637) 64-Bit EditionWindows
Microsoft Office Remote Code Execution Vulnerability for Microsoft Outlook 2013 (KB4011637) 32-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-23717Security Update for Microsoft Office Outlook 2007 (KB4011213)
PATCH-23756Security Update for Microsoft Outlook 2016 (KB4011626) 64-Bit Edition
PATCH-23755Security Update for Microsoft Outlook 2016 (KB4011626) 32-Bit Edition
PATCH-23727Security Update for Microsoft Outlook 2010 (KB4011273) 64-Bit Edition
PATCH-23726Security Update for Microsoft Outlook 2010 (KB4011273) 32-Bit Edition
PATCH-23742Security Update for Microsoft Outlook 2013 (KB4011637) 64-Bit Edition
PATCH-23741Security Update for Microsoft Outlook 2013 (KB4011637) 32-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234