CVE-2016-3366

Name of the Vulnerable Software and Affected Versions Microsoft Outlook versions 2007 SP3 through 2016 for Mac

Description The issue is related to the incorrect implementation of the requirements of the RFC 2046 document in Microsoft Outlook. This can be exploited by a remote attacker to bypass virus or spam detection systems using specially crafted MIME data in an email attachment. The vulnerability occurs because Microsoft Outlook does not strictly adhere to RFC 2046 and improperly identifies the end of a MIME attachment, which may cause antivirus or antispam scanning to not work as intended.

Recommendations For Microsoft Outlook versions 2007 SP3 through 2016 for Mac, update to a version that properly implements RFC 2046 to prevent bypassing of virus or spam detection via crafted MIME data in an email attachment. At the moment, there is no information about a newer version that contains a fix for this vulnerability.