Security News > 2019 > June > PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery

PoC Released for Outlook Flaw that Microsoft Patched 6 Month After Discovery
2019-06-22 08:18

As we reported two days ago, Microsoft this week released an updated version of its Outlook app for Android that patches a severe remote code execution vulnerability (CVE-2019-1105) that impacted over 100 million users. However, at that time, very few details of the flaw were available in the advisory, which just revealed that the earlier versions of the email app contained a cross-site


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/_YccFiboFKE/microsoft-outlook-vulnerability.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-07-29 CVE-2019-1105 Cross-site Scripting vulnerability in Microsoft Outlook
A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'.
network
low complexity
microsoft CWE-79
5.4

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2820 161 4400