Lucene search

[email protected]CVE-2004-0503

HistoryAug 18, 2004 - 4:00 a.m.

CVE-2004-0503

2004-08-1804:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

microsoft outlook

remote execution

rtf

ole

media player

cve-2004-0503

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.055 Low

EPSS

Percentile

93.1%

JSON

Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format (RTF) message containing an OLE object for the Windows Media Player, which bypasses Media Player’s setting to disallow scripting and may lead to unprompted installation of an executable when exploited in conjunction with predictable-file-location exposures such as CVE-2004-0502.

CPENameOperatorVersion
microsoft:outlookmicrosoft outlookeq2003

CPE	Name	Operator	Version
microsoft:outlook	microsoft outlook	eq	2003

References

archives.neohapsis.com/archives/fulldisclosure/2004-05/0885.html

marc.info/?l=bugtraq&m=108483193328605&w=2

secunia.com/advisories/11629

www.osvdb.org/6217

www.securityfocus.com/bid/10369

exchange.xforce.ibmcloud.com/vulnerabilities/16173

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.055 Low

EPSS

Percentile

93.1%

JSON

Related for CVE-2004-0503

checkpoint_advisories1 cve1