Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016, and Outlook 2016 for Mac do not properly implement RFC 2046, which allows remote attackers to bypass virus or spam detection via crafted MIME data in an e-mail attachment, aka "Microsoft Office Spoofing Vulnerability."

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N
Vendors Products
Microsoft
  • Outlook

Configuration 1 [-]

OR cpe:2.3:a:microsoft:outlook:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:macos:*:*
References
Link Resource
http://www.securityfocus.com/bid/92831
http://www.securitytracker.com/id/1036785
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: microsoft

Published: 2016-09-14T10:00:00

Updated: 2018-10-12T19:57:01

Reserved: 2016-03-15T00:00:00

Link: CVE-2016-3366

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2016-09-14T10:59:40.810

Modified: 2021-08-30T14:28:30.633

Link: CVE-2016-3366

JSON object: View

cve-icon Redhat Information

No data.

CWE