| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS13-068 | Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2756473) | Microsoft Office | Critical | 11-09-2013 |
Technical Information
Brief overview of the risk:
This security update resolves a privately reported vulnerability in Microsoft Outlook. The vulnerability could allow remote code execution if a user opens or previews a specially crafted email message using an affected edition of Microsoft Outlook.
Detailed Information on the risk:
A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted S/MIME email messages. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Further information on this exploit is available at : MS13-068
Affected Software
Microsoft Office 2007 Service Pack 3Microsoft Office 2010 Service Pack 1 (32-bit editions)
Microsoft Office 2010 Service Pack 2 (32-bit editions)
Microsoft Office 2010 Service Pack 1 (64-bit editions)
Microsoft Office 2010 Service Pack 2 (64-bit editions)