MS15-033: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3048019)
Medium Nessus Plugin ID 82768
SynopsisAn application installed on the remote Mac OS X host is affected by a cross-site scripting vulnerability.
DescriptionThe remote Mac OS X host has a version of Microsoft Outlook for Mac for Office 365 installed that is affected by a cross-site scripting vulnerability due to improper sanitization of HTML strings.
A remote attacker can exploit this issue by convincing a user to open a file or visit a website containing specially crafted content, resulting in execution of arbitrary code in the context of the current user.
SolutionMicrosoft has released a patch for Outlook for Mac for Office 365.