CVE-2018-0850

Description

Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka "Microsoft Outlook Elevation of Privilege Vulnerability".

Affected products

Microsoft Corporation / Microsoft OutlookMicrosoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run – Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run

References

VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0850
MISChttp://www.securitytracker.com/id/1040382
MISChttp://www.securityfocus.com/bid/102866