Lucene search
0neb1nZDI-20-1249HistoryOct 19, 2020 - 12:00 a.m.
Microsoft Outlook HTML Email Heap-based Buffer Overflow Remote Code Execution Vulnerability
2020-10-1900:00:00
0neb1n
www.zerodayinitiative.com
142
0.203 Low
EPSS
Percentile
96.4%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Outlook. User interaction is required to exploit this vulnerability in that the target must open a malicious email or view it in the preview pane. The specific flaw exists within the parsing of HTML content in email. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
mscve
mscve
Microsoft Outlook Remote Code Execution Vulnerability
2020-10-13 07:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Microsoft
2020-11-21 08:58:32
Exploit for Out-of-bounds Write in Microsoft
2020-10-15 14:32:25
prion
prion
Remote code execution
2020-10-16 23:15:00
cvelist
cvelist
CVE-2020-16947 Microsoft Outlook Remote Code Execution Vulnerability
2020-10-16 00:00:00
zdi
zdi
nvd
nvd
CVE-2020-16947
2020-10-16 23:15:16
cve
cve
CVE-2020-16947
2020-10-16 23:15:16
openvas
openvas
nessus
nessus
Security Updates for Outlook (October 2020)
2020-10-13 00:00:00
krebs
krebs
Microsoft Patch Tuesday, October 2020 Edition
2020-10-13 20:10:36
mskb
mskb
Description of the security update for Outlook 2016: October 13, 2020
2020-10-13 07:00:00
thn
thn
Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs
2020-10-14 10:10:00
rapid7blog
rapid7blog
Patch Tuesday - October 2020
2020-10-13 23:25:39
threatpost
threatpost
October Patch Tuesday: Microsoft Patches Critical, Wormable RCE Bug
2020-10-13 20:44:01
kaspersky
kaspersky
KLA11976 Multiple vulnerabilites in Microsoft Office
2020-10-13 00:00:00
avleonov
avleonov