Microsoft Outlook 2007

CPE Details

Microsoft Outlook 2007
microsoft
outlook
2007
2007-08-23
19h16 +00:00
2008-04-15
21h00 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:microsoft:outlook:2007:*:*:*:*:*:*:*

Informations

Vendor

microsoft

Product

outlook

Version

2007

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2017-17688 2018-05-16 17h00 +00:00 The OpenPGP specification allows a Cipher Feedback Mode (CFB) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL. NOTE: third parties report that this is a problem in applications that mishandle the Modification Detection Code (MDC) feature or accept an obsolete packet type, not a problem in the OpenPGP specification
5.9
Moyen
CVE-2017-17689 2018-05-16 17h00 +00:00 The S/MIME specification allows a Cipher Block Chaining (CBC) malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL.
5.9
Moyen
CVE-2018-0850 2018-02-15 02h00 +00:00 Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka "Microsoft Outlook Elevation of Privilege Vulnerability".
6.5
Moyen
CVE-2008-3068 2008-07-07 21h00 +00:00 Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.
7.5
CVE-2007-4040 2007-07-27 22h00 +00:00 Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handling process, a similar issue to CVE-2007-3670.
4.3
CVE-2006-6659 2006-12-20 02h00 +00:00 The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote attackers to cause a denial of service (Internet Explorer 7 hang) via crafted HTML.
5
CVE-2000-0216 2000-03-22 04h00 +00:00 Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list.
5
CVE-2000-0160 2000-02-23 04h00 +00:00 The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft.
7.6