MS Office Outlook Information Disclosure Vulnerability - 2813682 (Mac OS X) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS13-026.

Impact

Successful exploitation will allow attackers to gain access to potentially sensitive information and that may aid in further attacks. Impact Level: Application

Solution

Apply the patch from below link, http://technet.microsoft.com/en-us/security/bulletin/ms13-026

Insight

The flaw is due to Microsoft Outlook for Mac loading certain tags when previewing an HTML email, which can be exploited to load content from a remote server and confirm the existence of the targeted email accounts.

Affected

Microsoft Office 2008 on Mac OS X Microsoft Office 2011 on Mac OS X

References

http://secunia.com/advisories/52559
http://technet.microsoft.com/en-us/security/bulletin/MS13-026
http://www.osvdb.org/91154
http://xforce.iss.net/xforce/xfdb/82400

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-0095
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

MS Office Outlook Information Disclosure Vulnerability - 2813682 (Mac OS X)
Mac OS X Certificate Trust Policy Information Disclosure Vulnerability (2011-005)
Apple Mac OS X Keychain Certificate Settings Security Bypass Vulnerability
Microsoft Silverlight Information Disclosure Vulnerability-2890788 (Mac OS X)
Mac OS X 'Internet plug-ins' Unspecified Vulnerability (2012-003)

Take action and discover your vulnerabilities