Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Microsoft Outlook 2013 STIG
DTOO246 - Scripts in One-Off Forms
DTOO246 - Scripts in One-Off Forms
An XCCDF Group - A logical subset of the XCCDF Benchmark
Details
Profiles
Prose
DTOO246 - Scripts in One-Off Forms
1 Rule
<GroupDescription></GroupDescription>
Scripts in One-Off Outlook forms must be disallowed.
Medium Severity
<VulnDiscussion>Malicious code can be included within Outlook forms, and such code could be executed when users open the form. By default, Outlook does not run scripts in forms in which the script and the layout are contained within the message.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility>System Administrator</Responsibility><Responsibility>Information Assurance Officer</Responsibility><IAControls></IAControls>