Lucene search

[email protected]CVE-2001-0145

HistoryMay 03, 2001 - 4:00 a.m.

CVE-2001-0145

2001-05-0304:00:00

[email protected]

web.nvd.nist.gov

cve-2001-0145

buffer overflow

vcard

outlook 2000

outlook 98

outlook express 5.x

attack

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.8%

JSON

Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field.

Affected configurations

NVD

Node

microsoftoutlookMatch98

microsoftoutlookMatch2000

microsoftoutlook_expressMatch5.0

CPENameOperatorVersion
microsoft:outlookmicrosoft outlookeq98
microsoft:outlookmicrosoft outlookeq2000
microsoft:outlook_expressmicrosoft outlook expresseq5.0

CPE	Name	Operator	Version
microsoft:outlook	microsoft outlook	eq	98
microsoft:outlook	microsoft outlook	eq	2000
microsoft:outlook_express	microsoft outlook express	eq	5.0

References

www.atstake.com/research/advisories/2001/a022301-1.txt

docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-012

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.8%

JSON

Related for CVE-2001-0145

nvd1 cvelist1