CVE-2004-2137

2005-06-1404:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

Low

0.039 Low

EPSS

Percentile

92.0%

JSON

Outlook Express 6.0, when sending multipart e-mail messages using the “Break apart messages larger than” setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information.

References

secunia.com/advisories/12376

securitytracker.com/id?1011067

support.microsoft.com/kb/843555

www.networksecurity.fi/advisories/outlook-bcc.html

www.osvdb.org/9167

www.securityfocus.com/bid/11040

exchange.xforce.ibmcloud.com/vulnerabilities/17098