Well dang CVE-2025-21298
This bug rates a CVSS 9.8 and allows a remote attacker to execute code on a target system by sending a specially crafted mail to an affected system with Outlook. The specific flaw exists within the parsing of RTF files.
https://www.zerodayinitiative.com/blog/2025/1/14/the-january-2025-security-update-review
Taggart :donor: /
npub18w…6q6gg
2025-01-14 19:33:08
Author Public Key
npub18wjp9tztznztxlxka5ttn5nz448la7c9ckmvdvlptcupgud3ygdqj6q6ggPublished at
2025-01-14 19:33:08Event JSON
{
"id": "770dc92565e2485c93dece7ffca6412debd0581c505f782a763a4fb7387de339",
"pubkey": "3ba412ac4b14c4b37cd6ed16b9d262ad4ffefb05c5b6c6b3e15e381471b1221a",
"created_at": 1736883188,
"kind": 1,
"tags": [
[
"proxy",
"https://infosec.exchange/users/mttaggart/statuses/113828376648322367",
"activitypub"
]
],
"content": "Well dang CVE-2025-21298\n\nThis bug rates a CVSS 9.8 and allows a remote attacker to execute code on a target system by sending a specially crafted mail to an affected system with Outlook. The specific flaw exists within the parsing of RTF files. \n\nhttps://www.zerodayinitiative.com/blog/2025/1/14/the-january-2025-security-update-review",
"sig": "700a87727595b923eac1c91e95a5fcb8eb6f629734106045ad0299574de40a9e1b26feeeac26c869da86fef8b422a9c36e9054871530cebc2ae4ae81d05ff19f"
}