CVE-2013-0095 — Sensitive Information Exposure in Microsoft Office

CWE-200 — Sensitive Information Exposure2 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
29.3%
top 3.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Office
Timeline
PublishedMar 13
Latest updateMay 5

Description

Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for Mac 2011 before 14.3.2 allows remote attackers to trigger access to a remote URL and consequently confirm the rendering of an HTML e-mail message by including unspecified HTML5 elements and leveraging the installation of a WebKit browser on the victim's machine, aka "Unintended Content Loading Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

â–¶NVDmicrosoft/office2008, 2011+1

🔴Vulnerability Details

1
GHSA
GHSA-3h4h-w66g-8c4g: Outlook in Microsoft Office for Mac 2008 before 12↗2022-05-05
â–¶
CVE-2013-0095 — Sensitive Information Exposure | cvebase