CVE-2017-8545 — Improper Input Validation in Corporation Microsoft Outlook FOR MAC

CWE-20 — Improper Input Validation4 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

13.1%

top 5.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Corporation Microsoft Outlook FOR MAC Microsoft Outlook

Timeline

PublishedJun 15

Latest updateMay 13

Description

A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka "Microsoft Outlook for Mac Spoofing Vulnerability".

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDmicrosoft/outlook2016

▶CVEListV5microsoft_corporation/microsoft_outlook_for_macMicrosoft Outlook 2016 for Mac.

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

GHSA-p237-h324-fx96: A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka "Microsoft Outlook for Mac Spoofing Vulnerabili↗2022-05-13

▶

CVEList

CVE-2017-8545: A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka "Microsoft Outlook for Mac Spoofing Vulnerabili↗2017-06-15

▶

📋Vendor Advisories

Microsoft

Microsoft Outlook for Mac Spoofing Vulnerability↗2017-06-13

▶