Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft outlook 2010 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2014-6319
Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote malicious users to spoof the origin of e-mail messages via unspecified vectors, aka "Outlook Web App...
Microsoft Exchange Server 2013
Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
445
VMScore
CVE-2014-2730
The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013, and Office for Mac 2011, does not properly detect recursion during entity expansion, which allows remote malicious users to cause a denial of service (memory consumption and persistent application hang) via ...
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2011
Microsoft Office 2007
935
VMScore
CVE-2014-1761
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allo...
Microsoft Word 2010
Microsoft Word 2003
Microsoft Office Web Apps 2010
Microsoft Sharepoint Server 2013
Microsoft Word Viewer
Microsoft Word 2013
Microsoft Office Web Apps Server 2013
Microsoft Office 2011
Microsoft Office Compatibility Pack
Microsoft Sharepoint Server 2010
Microsoft Word 2007
1 EDB exploit
1 Github repository
6 Articles
383
VMScore
CVE-2013-5072
Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability."
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
445
VMScore
CVE-2013-3905
Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote malicious users to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, ...
Microsoft Outlook 2013
Microsoft Outlook 2010
Microsoft Outlook 2007
828
VMScore
CVE-2013-3870
Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote malicious users to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."
Microsoft Outlook 2007
Microsoft Outlook 2010
828
VMScore
CVE-2010-2728
Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, and 2007 SP2, when Online Mode for an Exchange Server is enabled, allows remote malicious users to execute arbitrary code via a crafted e-mail message, aka "Heap Based Buffer Overflow in Outlook Vulnerabilit...
Microsoft Outlook 2003
Microsoft Outlook 2007
Microsoft Outlook 2002
685
VMScore
CVE-2010-3213
Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007 through SP2 allows remote malicious users to hijack the authentication of e-mail users for requests that perform Outlook requests, as demonstrated by setting the auto-forward rule.
Microsoft Outlook Web Access 2007
1 EDB exploit
940
VMScore
CVE-2010-0266
Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote malicious users to execute arbitrary code via a crafted message, aka &quo...
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007
2 EDB exploits
435
VMScore
CVE-2010-2091
Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is used, does not properly handle the id parameter in a Folder IPF.Note action to the default URI, which might allow remote malicious users to obtain sensitive information or conduct cro...
Microsoft Exchange Server 2007
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »