Spoofing Vulnerability in Microsoft Outlook for Mac
CVE-2017-8545

6.5MEDIUM

Key Information:

Vendor
Microsoft
Status
Microsoft Outlook For Mac
Vendor
CVE Published:
15 June 2017

Summary

A spoofing vulnerability exists in Microsoft Outlook for Mac due to improper sanitization of HTML content. This flaw can allow an attacker to create malicious emails that appear to be from trustworthy sources, potentially leading to phishing attacks or the unauthorized dissemination of sensitive information. Users of the affected versions of Outlook are advised to apply the latest updates to mitigate the risks associated with this vulnerability.

Affected Version(s)

Microsoft Outlook for Mac Microsoft Outlook 2016 for Mac.

References

https://portal.msrc.microsoft.com/en-US/security-guidance...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/98917
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038664
vdb-entryx_refsource_SECTRACK

EPSS Score

13% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.