CVE-2008-0110

2008-03-1123:44:00

CWE-94

[email protected]

web.nvd.nist.gov

microsoft outlook

vulnerability

user-assisted

remote attackers

arbitrary code

crafted mailto uri

7.3 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.741 High

EPSS

Percentile

98.1%

JSON

Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI.

CPENameOperatorVersion
microsoft:officemicrosoft officeeqxp
microsoft:officemicrosoft officeeq2003
microsoft:officemicrosoft officeeq2007
microsoft:officemicrosoft officeeq2000

CPE	Name	Operator	Version
microsoft:office	microsoft office	eq	xp
microsoft:office	microsoft office	eq	2003
microsoft:office	microsoft office	eq	2007
microsoft:office	microsoft office	eq	2000