Lucene search

[email protected]CVE-2002-2202

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-2202

2022-10-0316:23:49

[email protected]

web.nvd.nist.gov

cve-2002-2202

outlook express

email security

message retention

local user vulnerability

nvd

3.8 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:S/C:C/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

30.2%

JSON

Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email.

Affected configurations

NVD

Node

microsoftoutlook_expressMatch6.0

CPENameOperatorVersion
microsoft:outlook_expressmicrosoft outlook expresseq6.0

CPE	Name	Operator	Version
microsoft:outlook_express	microsoft outlook express	eq	6.0

References

www.iss.net/security_center/static/10500.php

www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0210&L=ntbugtraq&F=P&S=&P=5732

3.8 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:S/C:C/I:N/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

30.2%

JSON

Related for CVE-2002-2202

nvd1 cvelist1