CVE-2020-16949

Summary

<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.</p> <p>Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.</p>

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Office 201919.0.0 < https://aka.ms/OfficeSecurityReleasesaffected
MicrosoftMicrosoft 365 Apps for Enterprise16.0.1 < https://aka.ms/OfficeSecurityReleasesaffected
MicrosoftMicrosoft Outlook 201616.0.0.0 < publicationaffected
MicrosoftMicrosoft Outlook 2013 Service Pack 115.0.0.0 < publicationaffected
MicrosoftMicrosoft Outlook 2010 Service Pack 213.0.0.0 < publicationaffected

Weaknesses

  • Denial of Service

ADP Enrichment

CVE Program Container

Additional References

References