Oct 2020: Microsoft Outlook Denial of Service Vulnerability
CVE-2020-16949 Published on October 16, 2020
Microsoft Outlook Denial of Service Vulnerability
<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.</p>
<p>Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.</p>
<p>The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.</p>
Products Associated with CVE-2020-16949
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-16949 are published in these products:
Affected Versions
Microsoft Office 2019:- Version 19.0.0 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version 16.0.1 and below https://aka.ms/OfficeSecurityReleases is affected.
- Version 16.0.0.0 and below publication is affected.
- Version 15.0.0.0 and below publication is affected.
- Version 13.0.0.0 and below publication is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.