CVE-2019-1105 — Vulnetix

Try Vulnetix Request Demo

CVE-2019-1105 PUBLISHED CVSS 3.5 LOW

A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim. The attacker who successfully exploited this vulnerability could then perform cross-site scripting attacks on the affected systems and run scripts in the security context of the current user. The security update addresses the vulnerability by correcting how Outlook for Android parses specially crafted email messages.

EPSS 0.44% · 63.2th percentile

Risk Scores

CVSS v2.0

3.5

EPSS Score

0.44%

63.2th percentile

Affected Products

Vendor	Product	Versions
microsoft	outlook	1.0
Microsoft	Microsoft Outlook for Android	1.0
Microsoft	N/A

Timeline

Jun 11, 2019 CVE Published
Jun 20, 2019 CVE Updated
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 25, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Jun 29, 2022 EPSS Score
Aug 31, 2022 EPSS Score

References

Outlook for Android Spoofing Vulnerability vendor-advisory
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1105 url
https://nvd.nist.gov/vuln/detail/CVE-2019-1105 advisory
https://portal.msrc.microsoft.com/fr-FR/security-guidance advisory

Open in Interactive Console →