Microsoft Outlook S/MIME AIA Vulnerability

Last Update Date: 13 Nov 2013 17:04 Release Date: 13 Nov 2013 3406 Views

RISK: Medium Risk

Medium Risk

TYPE: Clients - Email Clients

TYPE: Email Clients

An information disclosure vulnerability exists when Microsoft Outlook does not properly handle the expansion of S/MIME certificate metadata. An attacker who successfully exploited this vulnerability could ascertain system information, such as the IP address and open TCP ports, from the target system and other systems that share the network with the target system.

Impact

  • Information Disclosure

System / Technologies affected

  • Microsoft Office 2007
  • Microsoft Office 2010
  • Microsoft Office 2013 and Office 2013 RT

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Ancillary Function Driver Information Disclosure Vulnerability

13 Nov 2013 3330 Views

Next

Microsoft Windows Digital Signatures Denial of Service Vulnerability

13 Nov 2013 3330 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY