Synopsis
The version of Outlook installed on the remote host is affected by multiple vulnerabilities.
Description
The version of Microsoft Outlook installed on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities :
- A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system to then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2017-0106)
- A security feature bypass vulnerability exists in Microsoft Office software when it improperly handles the parsing of file formats. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file. (CVE-2017-0204)
- A remote code execution vulnerability exists when Microsoft Office improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited this vulnerability could take control of an affected system to then install programs;
view, change, or delete data; or create new accounts with full user rights. (CVE-2017-8506)
- A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited this vulnerability could take control of an affected system.
(CVE-2017-8507)
- A security feature bypass vulnerability exists in Microsoft Office software when it improperly handles the parsing of file formats. (CVE-2017-8508)
- A security feature bypass vulnerability exists when Microsoft Office Outlook improperly handles input.
An attacker who successfully exploited the vulnerability could execute arbitrary commands. (CVE-2017-8571)
- An information disclosure vulnerability exists when Microsoft Outlook fails to properly validate authentication requests. (CVE-2017-8572)
- A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system.
(CVE-2017-8663)
Solution
Microsoft has released a set of patches for Outlook 2007, 2010, 2013, and 2016.
Plugin Details
File Name: smb_nt_ms17_sep_outlook.nasl
Agent: windows
Supported Sensors: Nessus Agent, Nessus
Risk Information
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:microsoft:office, cpe:/a:microsoft:outlook
Required KB Items: SMB/MS_Bulletin_Checks/Possible
Exploit Ease: No known exploits are available
Patch Publication Date: 9/12/2017
Vulnerability Publication Date: 9/12/2017
Reference Information
CVE: CVE-2017-0106, CVE-2017-0204, CVE-2017-8506, CVE-2017-8507, CVE-2017-8508, CVE-2017-8571, CVE-2017-8572, CVE-2017-8663
BID: 97458, 98811, 98827, 98828, 99452, 99453, 100004, 97413