CVE-2021-28452

Description

Microsoft Outlook Memory Corruption Vulnerability

Risk Information

Base Score

6.9

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L/E:U/RL:O/RC:C

EPSS Score

Exploitation Probability

1.999

Associated Vulnerability

Vulnerability	OS Platform
Microsoft Outlook Memory Corruption Vulnerability for Microsoft Outlook 2010 (KB4493185) 32-Bit Edition	Windows
Microsoft Outlook Memory Corruption Vulnerability for Microsoft Outlook 2010 (KB4493185) 64-Bit Edition	Windows
Microsoft Outlook Memory Corruption Vulnerability for Microsoft Outlook 2016 (KB4504712) 64-Bit Edition	Windows
Microsoft Outlook Memory Corruption Vulnerability for Microsoft Outlook 2016 (KB4504712) 32-Bit Edition	Windows
Microsoft Outlook Memory Corruption Vulnerability for Microsoft Outlook 2013 (KB4504733) 64-Bit Edition	Windows
Microsoft Outlook Memory Corruption Vulnerability for Microsoft Outlook 2013 (KB4504733) 32-Bit Edition	Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x86 1808 of version(10373.20050)	Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 x64 1808 (Build:10373.20050)	Windows
Microsoft Office Remote Code Execution Vulnerability for Office 2019 for x64 1808 of version(10373.20050)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2008 of version(13127.21506)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2008 of version(13127.21506)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2008 of version(13127.21506)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2008 of version(13127.21506)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2008 (Build 13127.21506) (Online Installer)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2102 of version(13801.20506)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2102 of version(13801.20506)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Targeted Channel Version 2102 (Build 13801.20506) (Online Installer)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2103 of version(13901.20400)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2103 of version(13901.20400)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2103 of version(13901.20400)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2103 of version(13901.20400)	Windows
Microsoft Office Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel Version 2103 (Build 13901.20400)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-31245	Security Update for Microsoft Outlook 2010 (KB4493185) 32-Bit Edition
PATCH-31246	Security Update for Microsoft Outlook 2010 (KB4493185) 64-Bit Edition
PATCH-31249	Security Update for Microsoft Outlook 2016 (KB4504712) 64-Bit Edition
PATCH-31250	Security Update for Microsoft Outlook 2016 (KB4504712) 32-Bit Edition
PATCH-31247	Security Update for Microsoft Outlook 2013 (KB4504733) 64-Bit Edition
PATCH-31248	Security Update for Microsoft Outlook 2013 (KB4504733) 32-Bit Edition
PATCH-31275	Update for Office 2019 for x86 1808 of version(10373.20050)
PATCH-31276	Office 2016 Deployment Tool for Office 2019 x64 1808 (Build:10373.20050)
PATCH-31277	Update for Office 2019 for x64 1808 of version(10373.20050)
PATCH-31279	Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2008 of version(13127.21506)
PATCH-31281	Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2008 of version(13127.21506)
PATCH-31283	Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2008 of version(13127.21506)
PATCH-31285	Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2008 of version(13127.21506)
PATCH-31291	Update for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2008 (Build 13127.21506) (Online Installer)
PATCH-31287	Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2102 of version(13801.20506)
PATCH-31289	Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2102 of version(13801.20506)
PATCH-31292	Update for Microsoft 365 Apps for Enterprise Targeted Channel Version 2102 (Build 13801.20506) (Online Installer)
PATCH-31267	Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2103 of version(13901.20400)
PATCH-31269	Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2103 of version(13901.20400)
PATCH-31271	Update for Microsoft 365 Apps for Business Current Channel for x64 2103 of version(13901.20400)
PATCH-31273	Update for Microsoft 365 Apps for Business Current Channel for x86 2103 of version(13901.20400)
PATCH-31290	Update for Microsoft 365 Apps for Enterprise Current Channel Version 2103 (Build 13901.20400)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234