Lucene search

[email protected]CVE-2002-1179

HistorySep 01, 2004 - 4:00 a.m.

CVE-2002-1179

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

cve-2002-1179

buffer overflow

s/mime parsing

microsoft outlook express

remote code execution

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

Low

0.712 High

EPSS

Percentile

98.1%

JSON

Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long “From” address, which triggers the overflow when the user views or previews the message.

Affected configurations

NVD

Node

microsoftoutlook_expressMatch5.5

microsoftoutlook_expressMatch6.0

CPENameOperatorVersion
microsoft:outlook_expressmicrosoft outlook expresseq5.5
microsoft:outlook_expressmicrosoft outlook expresseq6.0

CPE	Name	Operator	Version
microsoft:outlook_express	microsoft outlook express	eq	5.5
microsoft:outlook_express	microsoft outlook express	eq	6.0

References

marc.info/?l=bugtraq&m=103435413105661&w=2

marc.info/?l=ntbugtraq&m=103429637822920&w=2

marc.info/?l=ntbugtraq&m=103429681123297&w=2

www.iss.net/security_center/static/10338.php

www.securityfocus.com/bid/5944

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-058

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.2 High

AI Score

Confidence

Low

0.712 High

EPSS

Percentile

98.1%

JSON

Related for CVE-2002-1179

cvelist1 nvd1