Vulnerabilities > Microsoft > Outlook > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-15 | CVE-2017-8507 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Outlook A remote code execution vulnerability exists in the way Microsoft Office software parses specially crafted email messages, aka "Microsoft Office Memory Corruption Vulnerability". | 9.3 |
| 2017-04-12 | CVE-2017-0106 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Outlook Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." | 9.3 |
| 2016-07-13 | CVE-2016-3278 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Outlook and Outlook RT Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | 9.3 |
| 2013-09-11 | CVE-2013-3870 | Resource Management Errors vulnerability in Microsoft Outlook 2007/2010 Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability." | 9.3 |
| 2010-09-15 | CVE-2010-2728 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Outlook 2002/2003/2007 Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, and 2007 SP2, when Online Mode for an Exchange Server is enabled, allows remote attackers to execute arbitrary code via a crafted e-mail message, aka "Heap Based Buffer Overflow in Outlook Vulnerability." | 9.3 |
| 2010-07-15 | CVE-2010-0266 | Code Injection vulnerability in Microsoft Outlook 2002/2003/2007 Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka "Microsoft Outlook SMB Attachment Vulnerability." | 9.3 |
| 2007-02-03 | CVE-2007-0671 | Remote Code Execution vulnerability in Microsoft Office Malformed String Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. | 9.3 |
| 2007-01-09 | CVE-2007-0033 | Remote Code Execution vulnerability in Microsoft Outlook VEVENT Record Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file. | 9.3 |
| 2007-01-09 | CVE-2007-0034 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Outlook Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability." | 9.3 |
| 2006-10-10 | CVE-2006-3877 | Code Injection vulnerability in Microsoft products Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. | 9.3 |