cbcvebase.
CVE-2020-16949
published 2020-10-16

CVE-2020-16949: A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who…

high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server. The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.

Affected

29 ranges· showing 25
VendorProductVersion rangeFixed in
microsoftmicrosoft_365_apps_for_enterprise>= 16.0.1 < https://aka.ms/OfficeSecurityReleaseshttps://aka.ms/OfficeSecurityReleases
microsoftmicrosoft_office_2019>= 19.0.0 < https://aka.ms/OfficeSecurityReleaseshttps://aka.ms/OfficeSecurityReleases
microsoftmicrosoft_outlook_2010_service_pack_2>= 13.0.0.0 < publicationpublication
microsoftmicrosoft_outlook_2013_service_pack_1>= 15.0.0.0 < publicationpublication
microsoftmicrosoft_outlook_2016>= 16.0.0.0 < publicationpublication
microsoftoffice
microsoftoutlook
microsoftoutlook
microsoftoutlook
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_10
microsoftwindows_server_2008
microsoftwindows_server_2012
microsoftwindows_server_2016
microsoftwindows_server_2016
microsoftwindows_server_2016
msrcmicrosoft_365_apps_for_enterprise_for_32-bit_systems
msrcmicrosoft_365_apps_for_enterprise_for_64-bit_systems
msrcmicrosoft_office_2019_for_32-bit_editions
msrcmicrosoft_office_2019_for_64-bit_editions