[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Microsoft Exchange Information Disclosure Vulnerability - CVE-2019-1084

ID: oval:org.secpod.oval:def:57245Date: (C)2019-07-10   (M)2024-03-26
Class: VULNERABILITYFamily: windows




An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients.

Platform:
Microsoft Windows Server 2022
Microsoft Windows 11
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows 10
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Product:
Microsoft Lync Basic 2013
Microsoft Office 2013
Microsoft Office 2016
Microsoft 365 Apps for Enterprise
Microsoft Office 2019
Microsoft Outlook 2010
Microsoft Outlook 2013
Microsoft Outlook 2016
Skype for Business 2016
Microsoft Exchange Server 2016
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
Reference:
CVE-2019-1084
CVE    1
CVE-2019-1084
CPE    21
cpe:/a:microsoft:exchange_server:2010
cpe:/a:microsoft:exchange_server:2013
cpe:/a:microsoft:outlook:2010:sp2
cpe:/a:microsoft:outlook:2013
...

© SecPod Technologies