Security News > 2019 > June > Microsoft Outlook for Android Open to XSS Attacks
2019-06-21 19:50
A spoofing bug (CVE-2019-1105) can open the door to an email attack chain.
News URL
https://threatpost.com/microsoft-outlook-android-xss/145924/
Related news
- Microsoft Outlook workaround fixes freezes when copying text (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- Microsoft enforces defenses preventing NTLM relay attacks (source)
- Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-29 | CVE-2019-1105 | Cross-site Scripting vulnerability in Microsoft Outlook A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. | 5.4 |