Lucene search
+L

3543 matches found

CVE
CVE
added 2005/02/13 5:0 a.m.85 views

CVE-2004-1443

CVE-2004-1443 is a documented XSS vulnerability in the Horde-IMP inline MIME viewer affecting Horde-IMP versions 3.2.4 and earlier when accessed with Internet Explorer. The vulnerability allows an attacker to inject arbitrary script/HTML via a crafted e‑mail message. Public assessment sources con...

4.3CVSS5.6AI score0.01208EPSS
Exploits0References5Affected Software1
CERT
CERT
added 2005/02/08 12:0 a.m.38 views

Microsoft Internet Explorer contains a DHTML method heap memory corruption vulnerability

Overview Microsoft Internet Explorer contains a flaw in DHTML method handling which may allow a remote attacker to execute arbitrary code. Description The DHTML method handling in Internet Explorer fails to perform proper bounds checking. This vulnerability may allow data to be written outside th...

7.5CVSS6.8AI score0.36841EPSS
Exploits0References10
Cvelist
Cvelist
added 2005/01/29 5:0 a.m.28 views

CVE-2005-0127

Mail in Mac OS X 10.3.7, when generating a Message-ID header, generates a GUUID that includes information that identifies the Ethernet hardware being used, which allows remote attackers to link mail messages to a particular machine...

6.3AI score0.0271EPSS
Exploits0References5
NVD
NVD
added 2004/12/31 5:0 a.m.13 views

CVE-2004-2137

Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information...

5CVSS6.5AI score0.26142EPSS
Exploits0References7
CVE
CVE
added 2004/12/01 5:0 a.m.70 views

CVE-2004-1098

CVE-2004-1098 affects MIME-tools (v5.414) used by MIMEDefang. The vulnerability arises from an empty boundary string in the Content-Type header, which lets a virus-infected attachment bypass some antivirus scanning. Impact is bypass of virus detection; published advisories reference MIME-tools an...

7.5CVSS6.5AI score0.01585EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/11/17 12:0 a.m.37 views

GLSA-200411-25 : SquirrelMail: Encoded text XSS vulnerability

The remote host is affected by the vulnerability described in GLSA-200411-25 SquirrelMail: Encoded text XSS vulnerability SquirrelMail fails to properly sanitize certain strings when decoding specially crafted headers. Impact : By enticing a user to read a specially crafted e-mail, an attacker ca...

6.8CVSS5.8AI score0.02818EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2004/10/18 12:0 a.m.32 views

Microsoft Outlook 2003 - Security Policy Bypass

source: https://www.securityfocus.com/bid/11446/info Microsoft Outlook 2003 is reported prone to a security policy bypass vulnerability. It is reported that by including a base64 encoded image in an email and labeling that image in a sufficient manner, it is then possible to reference this base64...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/10/18 12:0 a.m.31 views

Microsoft Outlook Express 4.x/5.x/6.0 - Plaintext Email Security Policy Bypass

source: https://www.securityfocus.com/bid/11447/info Microsoft Outlook Express is reported prone to a security policy bypass vulnerability. The vulnerability presents itself if an attached image file is referenced using a specially crafted CID URI. This will result in a policy bypass because the...

7.4AI score
Exploits0
CERT
CERT
added 2004/10/13 12:0 a.m.54 views

Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability

Overview The Active Setup Install Engine in Microsoft Internet Explorer contains a buffer overflow vulnerability. This may allow an attacker to take complete control of a vulnerable system. Description The Active Setup Install Engine inseng.dll permits cabinet files to be launched and executed...

10CVSS7.4AI score0.48671EPSS
Exploits0References2
0day.today
0day.today
added 2004/10/11 12:0 a.m.21 views

Eudora 6.2.0.7 Attachment Spoofer Exploit

Exploit for unknown platform in category remote exploits ========================================= Eudora 6.2.0.7 Attachment Spoofer Exploit ========================================= !/usr/bin/perl -- use MIME::Base64; print "From: me\n"; print "To: you\n"; print "Subject: Eudora 6.2.0.7 on Windo...

7.1AI score
Exploits0
CVE
CVE
added 2004/09/01 4:0 a.m.56 views

CVE-2002-1307

Summary: CVE-2002-1307 is a cross-site scripting (XSS) vulnerability in MHonArc versions 2.5.12 and earlier, exploitable when an email message contains a script embedded in a MIME header name. The issue allows remote attackers to inject script/HTML via headers, with the impact of partial confiden...

6.8CVSS5.6AI score0.04022EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2004/09/01 4:0 a.m.53 views

CVE-2002-1198

This CVE (CVE-2002-1198) affects Bugzilla 2.16.x prior to 2.16.1. The issue is an SQL injection vulnerability during account creation caused by improper filtering of apostrophes in the email address, enabling remote attackers to execute arbitrary SQL. Affected component: Bugzilla account creation...

7.5CVSS8.1AI score0.01088EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/08/30 12:0 a.m.25 views

GLSA-200408-07 : Horde-IMP: Input validation vulnerability for Internet Explorer users

The remote host is affected by the vulnerability described in GLSA-200408-07 Horde-IMP: Input validation vulnerability for Internet Explorer users Horde-IMP fails to properly sanitize email messages that contain malicious HTML or script code so that it is not safe for users of Internet Explorer...

4.3CVSS6.1AI score0.01208EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.18 views

Lotus Notes R5 S/MIME Message Modification Warning Failure

Binary data 1304.prm...

7.5CVSS7.3AI score0.01162EPSS
Exploits0References1
NVD
NVD
added 2004/08/18 4:0 a.m.24 views

CVE-2004-0502

Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shel...

5CVSS6.7AI score0.20173EPSS
Exploits1References6
Exploit DB
Exploit DB
added 2004/07/05 12:0 a.m.30 views

Symantec Brightmail Anti-Spam 6.0 - Unauthorized Message Disclosure

source: https://www.securityfocus.com/bid/10657/info Symantec Brightmail anti-spam is reported prone to an unauthorized message disclosure vulnerability. This issue exists in the Brightmail anti-spam control center. Due to improper access validation a remote attacker can read users' filtered emai...

7AI score
Exploits0
NVD
NVD
added 2004/06/01 4:0 a.m.26 views

CVE-2004-0182

Mailman before 2.0.13 allows remote attackers to cause a denial of service crash via an email message with an empty subject field...

5CVSS6.6AI score0.01344EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2004/05/14 12:0 a.m.32 views

Exim verify=header_syntax buffer overflow

Background Exim is an highly configurable message transfer agent MTA developed at the University of Cambridge. Description When the option "verify = headersyntax" is used in an ACL in the configuration file, Exim is vulnerable to a buffer overflow attack that can be triggered remotely by sending...

7.5CVSS7.4AI score0.06974EPSS
Exploits1
CVE
CVE
added 2004/03/27 5:0 a.m.56 views

CVE-2004-0152

The CVE-2004-0152 issue affects Emil (mail filter) with multiple stack-based buffer overflows in encode_mime, encode_uuencode, and decode_uuencode functions for Emil 2.1.0 and earlier. Attackers can send email attachments with filenames that trigger arbitrary code execution. Public references inc...

7.5CVSS7.5AI score0.04146EPSS
Exploits0References3Affected Software1
Exploit DB
Exploit DB
added 2004/03/19 12:0 a.m.47 views

Eudora 6.0.3 (Windows) - Attachment Spoofing

!/usr/bin/perl -- use MIME::Base64; print "From: me\n"; print "To: you\n"; print "Subject: Eudora 6.0.3 on Windows spoof, LaunchProtect\n"; print "MIME-Version: 1.0\n"; print "Content-Type: multipart/mixed; boundary="zzz"\n"; print "\n"; print "This is a multi-part message in MIME format.\n";...

7.4AI score
Exploits0
Rows per page
Query Builder