Description
<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.</p> <p>Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.</p>
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
E
Physical
RL
O
RC
Changed
Affected products
- Microsoft / 365_apps
- Microsoft / office2019 – 2019
- Microsoft / Outlook2016 – 2016
- Microsoft / Outlook2013 – 2013
- Microsoft / Outlook2013 – 2013
- Microsoft / Outlook2013 – 2013
- Microsoft / Outlook2010 – 2010
- Microsoft / Outlook2016 – 2016