CVE-2020-1349

HIGH

Microsoft Outlook - Remote Code Execution

Title source: llm
Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-1349. PoCs published by 0neb1n.

AI-analyzed exploit summary: This repository contains a detailed writeup and analysis of CVE-2020-1349, a vulnerability in Outlook 2019 on Korean Windows 10 systems. It describes two bugs leading to integer underflow and heap overflow, with a proof-of-concept demonstrating EIP control via heap manipulation.

Description

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'.

Exploits (1)

nomisec WRITEUP 11 stars
by 0neb1n · poc
https://github.com/0neb1n/CVE-2020-1349

Classification: Writeup 90%
Attack Type: RCE
Complexity: Complex
Reliability: Theoretical
Target: Microsoft Outlook 2019 (16.0.12624.20424) on Korean Windows 10 1909 x64
No auth needed
Prerequisites: Korean Windows 10 1909 x64 with Outlook 2019 installed · IMAP-linked non-outlook.com email account · Crafted email with multibyte characters in To/From headers
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 7.8
EPSS 0.2250
EPSS Percentile 97.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published
Products (5)
microsoft/365_apps
microsoft/office 2019
microsoft/outlook 2010 sp2
microsoft/outlook 2013 sp1 (2 CPE variants)
microsoft/outlook 2016
Published Jul 14, 2020
Tracked Since Feb 18, 2026