Vulnerability Details : CVE-2017-8545
A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka "Microsoft Outlook for Mac Spoofing Vulnerability".
Vulnerability category: Input validation
Products affected by CVE-2017-8545
- cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:macos:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-8545
1.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-8545
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
2.8
|
3.6
|
NIST |
CWE ids for CVE-2017-8545
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-8545
-
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8545
CVE-2017-8545 | Microsoft Outlook for Mac Spoofing VulnerabilityPatch;Vendor Advisory
-
http://www.securitytracker.com/id/1038664
Microsoft Outlook for Mac Input Validation Flaw Lets Remote Users Spoof Content - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/98917
Microsoft Outlook for Mac CVE-2017-8545 Spoofing VulnerabilityThird Party Advisory;VDB Entry
Jump to