PRIOn knowledge basePRION:CVE-2006-1305

HistoryDec 31, 2006 - 5:00 a.m.

Design/Logic Flaw

2006-12-3105:00:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.236 Low

EPSS

Percentile

96.4%

JSON

Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers.

CPENameOperatorVersion
officeeq2000 sp3
officeeqxp sp3
officeeq2003 sp2
outlookeq2000
outlookeq2002
outlookeq2003

Name	Operator	Version
office	eq	2000 sp3
office	eq	xp sp3
office	eq	2003 sp2
outlook	eq	2000
outlook	eq	2002
outlook	eq	2003

References

blogs.securiteam.com/index.php/archives/347

linuxbox.org/pipermail/funsec/2006-March/005208.html

osvdb.org/ref/24/24081-outlook1.txt

secunia.com/advisories/23674

securitytracker.com/id?1017488

www.kb.cert.org/vuls/id/617436

www.osvdb.org/31253

www.securityfocus.com/archive/1/457274/100/0/threaded

www.securityfocus.com/bid/21937

www.us-cert.gov/cas/techalerts/TA07-009A.html

www.vupen.com/english/advisories/2007/0104

docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-003

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A122

7 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.236 Low

EPSS

Percentile

96.4%

JSON

Related for PRION:CVE-2006-1305