Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft outlook 2013 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-1629
Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "ExchangeDLP Cross Site Scripting Vulnerability."
Microsoft Exchange Server 2013
NA
CVE-2015-1632
Cross-site scripting (XSS) vulnerability in errorfe.aspx in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote malicious users to inject arbitrary web script or HTML via the msgParam parameter in an authError action, aka "Exchan...
Microsoft Exchange Server 2013
NA
CVE-2014-6319
Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and Cumulative Update 6 does not properly validate tokens in requests, which allows remote malicious users to spoof the origin of e-mail messages via unspecified vectors, aka "Outlook Web App...
Microsoft Exchange Server 2013
Microsoft Exchange Server 2007
Microsoft Exchange Server 2010
NA
CVE-2014-6336
Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not properly validate redirection tokens, which allows remote malicious users to redirect users to arbitrary web sites and spoof the origin of e-mail messages via unspecified vectors, aka &qu...
Microsoft Exchange Server 2013
NA
CVE-2014-2730
The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013, and Office for Mac 2011, does not properly detect recursion during entity expansion, which allows remote malicious users to cause a denial of service (memory consumption and persistent application hang) via ...
Microsoft Office 2010
Microsoft Office 2013
Microsoft Office 2011
Microsoft Office 2007
NA
CVE-2014-1761
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allo...
Microsoft Word 2010
Microsoft Word 2003
Microsoft Office Web Apps 2010
Microsoft Sharepoint Server 2013
Microsoft Word Viewer
Microsoft Word 2013
Microsoft Office Web Apps Server 2013
Microsoft Office 2011
Microsoft Office Compatibility Pack
Microsoft Sharepoint Server 2010
Microsoft Word 2007
1 EDB exploit
1 Github repository
6 Articles
NA
CVE-2013-5072
Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability."
Microsoft Exchange Server 2010
Microsoft Exchange Server 2013
NA
CVE-2013-3905
Microsoft Outlook 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT does not properly expand metadata contained in S/MIME certificates, which allows remote malicious users to obtain sensitive network configuration and state information via a crafted certificate in an e-mail message, ...
Microsoft Outlook 2013
Microsoft Outlook 2010
Microsoft Outlook 2007
NA
CVE-2013-3870
Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote malicious users to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."
Microsoft Outlook 2007
Microsoft Outlook 2010
NA
CVE-2013-0095
Outlook in Microsoft Office for Mac 2008 prior to 12.3.6 and Office for Mac 2011 prior to 14.3.2 allows remote malicious users to trigger access to a remote URL and consequently confirm the rendering of an HTML e-mail message by including unspecified HTML5 elements and leveraging...
Microsoft Office 2011
Microsoft Office 2008
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8