Security News > 2019 > June > Microsoft Outlook for Android Open to XSS Attacks

Microsoft Outlook for Android Open to XSS Attacks

2019-06-21 19:50

A spoofing bug (CVE-2019-1105) can open the door to an email attack chain.

News URL

https://threatpost.com/microsoft-outlook-android-xss/145924/

#android #attack #microsoft #outlook #XSS #CVE-2019-1105

Related news

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
Microsoft fixes Outlook email sending issue for users with many folders (source)
DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
Microsoft issues 117 patches – some for flaws already under attack (source)
Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
Microsoft Outlook bug blocks email logins, causes app crashes (source)
Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
Microsoft Outlook workaround fixes freezes when copying text (source)

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2019-07-29	CVE-2019-1105	Cross-site Scripting vulnerability in Microsoft Outlook A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. network low complexity microsoft CWE-79	5.4

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		480	75	2308	5127	264	7774

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.