Summary
This host is missing an important security update according to Microsoft Bulletin MS13-026.
Impact
Successful exploitation will allow attackers to gain access to potentially sensitive information and that may aid in further attacks.
Impact Level: Application
Solution
Apply the patch from below link,
http://technet.microsoft.com/en-us/security/bulletin/ms13-026
Insight
The flaw is due to Microsoft Outlook for Mac loading certain tags when previewing an HTML email, which can be exploited to load content from a remote server and confirm the existence of the targeted email accounts.
Affected
Microsoft Office 2008 on Mac OS X
Microsoft Office 2011 on Mac OS X
References
Severity
Classification
-
CVE CVE-2013-0095 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- MS Office Outlook Information Disclosure Vulnerability - 2813682 (Mac OS X)
- Mac OS X Certificate Trust Policy Information Disclosure Vulnerability (2011-005)
- Apple Mac OS X Keychain Certificate Settings Security Bypass Vulnerability
- Microsoft Silverlight Information Disclosure Vulnerability-2890788 (Mac OS X)
- Mac OS X 'Internet plug-ins' Unspecified Vulnerability (2012-003)