CVE-2018-0850

Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run allow an elevation of privilege vulnerability due to how the format of incoming message is validated, aka "Microsoft Outlook Elevation of Privilege Vulnerability".
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
microsoftCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
References
http://www.securityfocus.com/bid/102866
http://www.securitytracker.com/id/1040382
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0850
http://www.securityfocus.com/bid/102866
http://www.securitytracker.com/id/1040382
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0850