Microsoft Outlook Information Disclosure Vulnerability - CVE-2018-8558ID: oval:org.secpod.oval:def:49068 | Date: (C)2018-11-14 (M)2023-07-13 |
Class: VULNERABILITY | Family: windows |
An information disclosure vulnerability exists when Microsoft Outlook fails to respect Default link type settings configured via the SharePoint Online Admin Center. A malicious user could potentially share anonymously-accessible links to other users via email where these links are intended to be accessed only by specific users. The security update addresses the vulnerability by correcting how Microsoft Outlook generates links inserted into emails via the Attach File interface.
Platform: |
Microsoft Windows Server 2019 |
Microsoft Windows 7 |
Microsoft Windows 8 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Vista |
Microsoft Windows 10 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows XP |
Product: |
Microsoft 365 Apps for Enterprise |
Microsoft Office 2019 |