FortiClient VulnerabilityMicrosoft Outlook CVE-2016-3366 Spoofing Vulnerability
Description
A spoofing vulnerability exists when Microsoft Outlook does not strictly adhere to RFC2046, and improperly identifies the end of a MIME attachment. An improper MIME attachment ending may cause antivirus or antispam scanning to not work as intended. To exploit the vulnerability, an attacker could send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing. The security update addresses the vulnerability by correcting how Outlook determines the end of MIME messages.
Affected Applications
Microsoft Outlook 2007 Service Pack 3
Microsoft Outlook 2013 RT Service Pack 1
Microsoft Outlook 2010 Service Pack 2 (64-bit editions)
Microsoft Outlook 2013 Service Pack 1 (32-bit editions)
Microsoft Outlook 2013 Service Pack 1 (64-bit editions)
Microsoft Outlook 2016 x86
Microsoft Outlook 2016 for Mac
Microsoft Outlook 2010 Service Pack 2 (32-bit editions)
Microsoft Outlook 2016 x64
CVE References
CVE-2016-3366Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-3366| ID | 56014 |
| Created | Dec 11, 2018 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Microsoft Outlook 2007 Service Pack 3 , Microsoft Outlook 2013 RT Service Pack 1 , Microsoft Outlook 2010 Service Pack 2 (64-bit editions) , Microsoft Outlook 2013 Service Pack 1 (32-bit editions) , Microsoft Outlook 2013 Service Pack 1 (64-bit editions) , Microsoft Outlook 2016 x86 , Microsoft Outlook 2016 for Mac , Microsoft Outlook 2010 Service Pack 2 (32-bit editions) , Microsoft Outlook 2016 x64 |