Published: 15/07/2019 Updated: 04/05/2020

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft office 2019
microsoft office 2010
microsoft outlook 2013
microsoft outlook 2016
microsoft mail and calendar -
microsoft exchange server 2013
microsoft office 2013
microsoft office 2016
microsoft office 365 proplus -
microsoft skype for business 2016
microsoft exchange server 2016
microsoft lync 2013
microsoft skype for business basic 2016
microsoft exchange server 2010
microsoft lync basic 2013
microsoft outlook -

Microsoft Patch Tuesday – July 2019

Symantec Threat Intelligence Blog • Ratheesh PM • 10 Jul 2024

This month the vendor has patched 77 vulnerabilities, 16 of which are rated Critical.

Posted: 10 Jul, 201922 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – July 2019This month the vendor has patched 77 vulnerabilities, 16 of which are rated Critical.As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required while still maintaining functionality. Avoid h...

CVE-2019-1084

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect