virus logo FortiClient Vulnerability

Microsoft Outlook CVE-2016-0138 Information Disclosure Vulnerability

description-logoDescription

An information disclosure vulnerability exists in the way that Microsoft Exchange Server parses email messages. The vulnerability could allow an attacker to discover confidential user information that is contained in Microsoft Outlook applications. To exploit the vulnerability, an attacker could use send as rights to send a specially crafted message to a user. The security update addresses the vulnerability by correcting how Microsoft Exchange parses certain unstructured file formats.

affected-products-logoAffected Applications

Microsoft Exchange Server 2016 Cumulative Update 1
Microsoft Exchange Server 2013 Service Pack 1
Microsoft Exchange Server 2016 Cumulative Update 2
Microsoft Exchange Server 2013 Cumulative Update 12
Microsoft Exchange Server 2013 Cumulative Update 13
Microsoft Exchange Server 2007 Service Pack 3
Microsoft Exchange Server 2010 Service Pack 3

CVE References

CVE-2016-0138

Other References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-0138
ID 55979
Created Dec 11, 2018
Description
Updated		 Dec 21, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Microsoft
Patch auto
Application Microsoft Exchange Server 2016 Cumulative Update 1 , Microsoft Exchange Server 2013 Service Pack 1 , Microsoft Exchange Server 2016 Cumulative Update 2 , Microsoft Exchange Server 2013 Cumulative Update 12 , Microsoft Exchange Server 2013 Cumulative Update 13 , Microsoft Exchange Server 2007 Service Pack 3 , Microsoft Exchange Server 2010 Service Pack 3