Lucene search
K

5461 matches found

securityvulns
securityvulns
added 2004/05/19 12:0 a.m.29 views

Outlook Express HTML file writing

During reply to a message with HTML file attached this file is saved to known location...

0.3AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2004/05/15 12:0 a.m.27 views

Security Advisory: (BEA04-60.00)

Security Advisory: BEA04-60.00 From: BEA Systems Inc. Minor Subject: Patches are available to protect user authorizations. Products Affected: WebLogic Server and WebLogic Express Threat level: Low - The vulnerability requires an attacker to be assigned the Admin or Operator security role. Severit...

1.1AI score
Exploits0
exploitpack
exploitpack
added 2004/05/13 12:0 a.m.14 views

Microsoft Outlook Express 6.0 - URI Obfuscation

Microsoft Outlook Express 6.0 - URI Obfuscation source: https://www.securityfocus.com/bid/10345/info Microsoft Outlook Express has been reported prone to a URI obfuscation vulnerability. This issue is reported to affect version 6.0 of the affected software, other versions might also be affected. ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/05/13 12:0 a.m.21 views

Microsoft Outlook Express 6.0 - URI Obfuscation

source: https://www.securityfocus.com/bid/10345/info Microsoft Outlook Express has been reported prone to a URI obfuscation vulnerability. This issue is reported to affect version 6.0 of the affected software, other versions might also be affected. An attacker could reportedly get a user to visit...

7.4AI score
Exploits0
NVD
NVD
added 2004/05/04 4:0 a.m.29 views

CVE-2004-0380

The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help CHM file that references the InfoTech Storage ITS...

10CVSS7.1AI score0.6325EPSS
Exploits1References14
securityvulns
securityvulns
added 2004/04/14 12:0 a.m.74 views

Microsoft Security Bulletin MS04-013

Microsoft Security Bulletin MS04-013 Cumulative Security Update for Outlook Express 837009 Issued: April 13, 2004 Version: 1.0 Summary Who should read this document: Customers who have Microsoft® Outlook Express® installed Impact of vulnerability: Remote Code Execution Maximum Severity Rating:...

10CVSS7.2AI score0.6325EPSS
Exploits1
securityvulns
securityvulns
added 2004/04/14 12:0 a.m.53 views

NUL Character in message body locks up Outlook/Outlook Express

Hello, A number of Microsoft mail programs fail when they attempt to download a message containing ASCII NUL in the message body. The clients we tested are: Outlook Express 6.00.2800.1106 Outlook 2002 10.2627.3501 SP-1 Outlook 2003 11.5608.5606 Once the client attempts to download the particular...

6.7AI score
Exploits0
Exploit DB
Exploit DB
added 2004/04/14 12:0 a.m.17 views

Microsoft Outlook Express 6.0 - Remote Denial of Service

source: https://www.securityfocus.com/bid/10144/info Microsoft Outlook and Outlook Express have been reported prone to a remote denial of service vulnerability. The issue is reported to present itself when a NULL is encountered in the message body of an e-mail. It is reported that when the...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/04/13 12:0 a.m.28 views

MS04-013: Cumulative Update for Outlook Express (837009)

The remote host has a version of Outlook Express that has a bug in its MHTML URL processor that could allow an attacker to execute arbitrary code on this host. To exploit this flaw, an attacker would need to send a malformed email to a user of this host using Outlook, or would need to lure him in...

10CVSS5.7AI score0.6325EPSS
Exploits1References2
Cvelist
Cvelist
added 2004/04/06 4:0 a.m.29 views

CVE-2004-0380

The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help CHM file that references the InfoTech Storage ITS...

7.1AI score0.6325EPSS
Exploits1References14
CVE
CVE
added 2004/04/06 4:0 a.m.58 views

CVE-2004-0380

The CVE-2004-0380 issue affects the MHTML URL Processing Vulnerability in Microsoft Outlook Express 5.5 SP2 through 6 SP1, rooted in the MHTML/ITS handling and cross-domain logic. A remote attacker could cause HTML/CHM content to execute arbitrary code in the Local Machine Zone by exploiting ITS,...

10CVSS7.1AI score0.6325EPSS
Exploits1References14Affected Software1
CERT
CERT
added 2004/04/05 12:0 a.m.29 views

Outlook Express MHTML protocol handler does not properly validate source of alternate content

Overview The Outlook Express MIME Encapsulation of Aggregate HTML Documents MHTML protocol handler does not adequately validate the source of alternate content. An attacker could exploit this vulnerability to access data and execute script in different security domains. By causing script to be ru...

10CVSS6.5AI score0.6325EPSS
Exploits1References25
Packet Storm
Packet Storm
added 2004/03/31 12:0 a.m.23 views

ieBad.txt

Wednesday, March 31, 2004 This is somewhat disconcerting. Reference the recently disclosed Internet Explorer 'bug' presently in the wild original discussion: http://www.securityfocus.com/archive/1/358813 with additional input buried thereunder in subsequent threads allowing for complete remote...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/03/31 12:0 a.m.15 views

Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation

Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation source: https://www.securityfocus.com/bid/10023/info A vulnerability has been identified in Microsoft Internet Explorer that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2004/03/31 12:0 a.m.21 views

Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation

source: https://www.securityfocus.com/bid/10023/info A vulnerability has been identified in Microsoft Internet Explorer that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into following a link to a malicious site. The issue presents itse...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/02/13 12:0 a.m.28 views

Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)

Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass MS04-013 source: https://www.securityfocus.com/bid/9658/info Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone. The issue may be exploited via the...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2004/02/13 12:0 a.m.51 views

Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)

source: https://www.securityfocus.com/bid/9658/info Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone. The issue may be exploited via the ITS InfoTech Storage Protocol URI handler. It is possible to use this...

7AI score
Exploits0
securityvulns
securityvulns
added 2004/02/11 12:0 a.m.33 views

EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption

Microsoft ASN.1 Library Length Overflow Heap Corruption Release Date: February 10, 2004 Date Reported: July 25, 2003 Severity: High Remote Code Execution Systems Affected: Microsoft Windows NT 4.0 all versions Microsoft Windows 2000 SP3 and earlier Microsoft Windows XP all versions Software...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2004/02/10 12:0 a.m.39 views

Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (2)

source: https://www.securityfocus.com/bid/9628/info It has been alleged that Microsoft Internet Explorer is prone to a weakness that may potentially allow for the execution of hostile script code in the context of the My Computer Zone. This issue is related to how shell: URIs are handled by the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2004/02/10 12:0 a.m.14 views

Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (1)

Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting 1 source: https://www.securityfocus.com/bid/9628/info It has been alleged that Microsoft Internet Explorer is prone to a weakness that may potentially allow for the execution of hostile script code in the context of the My Compute...

7AI score
Exploits0
Rows per page
Query Builder