Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:11BE214280ECB4E571139A18C589DED8
HistoryMay 04, 2006 - 12:00 a.m.

Outlook Express NNTP LIST buffer overflow

2006-05-0400:00:00
SAINT Corporation
download.saintcorporation.com
10

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.974 High

EPSS

Percentile

99.9%

JSON

Added: 05/04/2006
CVE: CVE-2005-1213
BID: 13951
OSVDB: 17306

Background

Outlook Express is a free e-mail client which is included in Windows operating systems.

Problem

A buffer overflow in Outlook Express allows command execution when processing responses from NNTP servers to LIST commands.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 05-030.

References

<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=263&gt;

Limitations

Exploit works on Outlook Express 5.5 and 6.0. Successful exploitation requires a user to open the exploit in Outlook Express using a URL such as **news://IP_Address**.

Platforms

Windows 2000
Windows XP

Related

saint 3
checkpoint_advisories 2
securityvulns 2
cert 1
seebug 1
cve 1
nessus 1
packetstorm 1
saint
saint
Outlook Express NNTP LIST buffer overflow
2006-05-04 00:00:00
Outlook Express NNTP LIST buffer overflow
2006-05-04 00:00:00
Outlook Express NNTP LIST buffer overflow
2006-05-04 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Outlook Express NNTP handler Buffer Overflow (CVE-2005-1213)
2016-03-20 00:00:00
NNTP (CVE-2004-0574; CVE-2005-1213)
2005-07-06 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS05-030 Cumulative Security Update in Outlook Express &#40;897715&#41;
2005-06-15 00:00:00
iDEFENSE Security Advisory 06.14.05: Microsoft Outlook Express NNTP Response Parsing Buffer Overflow Vulnerability
2005-06-15 00:00:00
cert
cert
Microsoft Outlook Express vulnerable to remote code execution
2005-06-14 00:00:00
seebug
seebug
MS Outlook Express NNTP Buffer Overflow Exploit (MS05-030)
2005-06-24 00:00:00
cve
cve
CVE-2005-1213
2005-06-14 04:00:00
nessus
nessus
MS05-030: Vulnerability in Outlook Express Could Allow Remote Code Execution (897715)
2005-06-14 00:00:00
packetstorm
packetstorm
Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
2009-11-26 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.974 High

EPSS

Percentile

99.9%

JSON
Related for SAINT:11BE214280ECB4E571139A18C589DED8
saint3checkpoint_advisories2securityvulns2cert1seebug1cve1nessus1packetstorm1