CVE-2018-0850
Description
Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka Microsoft Outlook Elevation of Privilege Vulnerability.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
16.756
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Outlook Elevation of Privilege Vulnerability for Microsoft Outlook 2016 (KB4011682) 32-Bit Edition | Windows |
| Microsoft Outlook Elevation of Privilege Vulnerability for Microsoft Outlook 2016 (KB4011682) 64-Bit Edition | Windows |
| Microsoft Outlook Elevation of Privilege Vulnerability for Microsoft Outlook 2013 (KB4011697) 32-Bit Edition | Windows |
| Microsoft Outlook Elevation of Privilege Vulnerability for Microsoft Outlook 2013 (KB4011697) 64-Bit Edition | Windows |
| Microsoft Outlook Elevation of Privilege Vulnerability for Microsoft Outlook 2010 (KB4011711) 32-Bit Edition | Windows |
| Microsoft Outlook Elevation of Privilege Vulnerability for Microsoft Outlook 2010 (KB4011711) 64-Bit Edition | Windows |
| Microsoft Outlook Elevation of Privilege Vulnerability for Microsoft Office Outlook 2007 (KB4011200) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-23902 | Security Update for Microsoft Outlook 2016 (KB4011682) 32-Bit Edition |
| PATCH-23903 | Security Update for Microsoft Outlook 2016 (KB4011682) 64-Bit Edition |
| PATCH-23904 | Security Update for Microsoft Outlook 2013 (KB4011697) 32-Bit Edition |
| PATCH-23905 | Security Update for Microsoft Outlook 2013 (KB4011697) 64-Bit Edition |
| PATCH-23927 | Security Update for Microsoft Outlook 2010 (KB4011711) 32-Bit Edition |
| PATCH-23928 | Security Update for Microsoft Outlook 2010 (KB4011711) 64-Bit Edition |
| PATCH-23931 | Security Update for Microsoft Office Outlook 2007 (KB4011200) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234