SecuritySpace - CVE-2019-1084

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2019-1084

Description: An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'.

Test IDs: 1.3.6.1.4.1.25623.1.0.815235 1.3.6.1.4.1.25623.1.0.814985 1.3.6.1.4.1.25623.1.0.815237 1.3.6.1.4.1.25623.1.0.815236 1.3.6.1.4.1.25623.1.0.814997

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-1084
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1084

CVE ID:	CVE-2019-1084
Description:	An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisible. This security update addresses the issue by validating display names upon creation in Microsoft Exchange, and by rendering invalid display names correctly in Microsoft Outlook clients., aka 'Microsoft Exchange Information Disclosure Vulnerability'.
Test IDs:	1.3.6.1.4.1.25623.1.0.815235 1.3.6.1.4.1.25623.1.0.814985 1.3.6.1.4.1.25623.1.0.815237 1.3.6.1.4.1.25623.1.0.815236 1.3.6.1.4.1.25623.1.0.814997
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2019-1084 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1084