[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2016-3366Date: (C)2016-09-16   (M)2023-12-22


Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, and Outlook 2016 for Mac do not properly implement RFC 2046, which allows remote attackers to bypass virus or spam detection via crafted MIME data in an e-mail attachment, aka "Microsoft Office Spoofing Vulnerability."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 6.5CVSS Score : 4.3
Exploit Score: 2.8Exploit Score: 8.6
Impact Score: 3.6Impact Score: 2.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: LOWAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: REQUIREDConfidentiality: NONE
Scope: UNCHANGEDIntegrity: PARTIAL
Confidentiality: NONEAvailability: NONE
Integrity: HIGH 
Availability: NONE 
  
Reference:
SECTRACK-1036785
BID-92831
MS16-107

CPE    5
cpe:/a:microsoft:outlook:2013:sp1
cpe:/a:microsoft:outlook:2016::~~~mac_os_x~~
cpe:/a:microsoft:outlook:2010:sp2
cpe:/a:microsoft:outlook_2013_rt:-:sp1
...
CWE    1
CWE-284
OVAL    4
oval:org.secpod.oval:def:37087
oval:org.secpod.oval:def:37085
oval:org.secpod.oval:def:37073
oval:org.secpod.oval:def:37090
...

© SecPod Technologies