Lucene search

[email protected]CVE-2004-0502

HistoryAug 18, 2004 - 4:00 a.m.

CVE-2004-0502

2004-08-1804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-0502

outlook 2003

predictable location

remote attack

zone restrictions

exploit

nvd

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.009 Low

EPSS

Percentile

82.9%

JSON

Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the “src” of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI.

CPENameOperatorVersion
microsoft:outlookmicrosoft outlookeq2003

CPE	Name	Operator	Version
microsoft:outlook	microsoft outlook	eq	2003

References

marc.info/?l=bugtraq&m=108420583612655&w=2

marc.info/?l=bugtraq&m=108637351805607&w=2

marc.info/?l=ntbugtraq&m=108644231209698&w=2

secunia.com/advisories/11572

www.securityfocus.com/bid/10307

exchange.xforce.ibmcloud.com/vulnerabilities/16104

7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.009 Low

EPSS

Percentile

82.9%

JSON

Related for CVE-2004-0502

cve1