5461 matches found
Outlook Express HTML file writing
During reply to a message with HTML file attached this file is saved to known location...
Security Advisory: (BEA04-60.00)
Security Advisory: BEA04-60.00 From: BEA Systems Inc. Minor Subject: Patches are available to protect user authorizations. Products Affected: WebLogic Server and WebLogic Express Threat level: Low - The vulnerability requires an attacker to be assigned the Admin or Operator security role. Severit...
Microsoft Outlook Express 6.0 - URI Obfuscation
Microsoft Outlook Express 6.0 - URI Obfuscation source: https://www.securityfocus.com/bid/10345/info Microsoft Outlook Express has been reported prone to a URI obfuscation vulnerability. This issue is reported to affect version 6.0 of the affected software, other versions might also be affected. ...
Microsoft Outlook Express 6.0 - URI Obfuscation
source: https://www.securityfocus.com/bid/10345/info Microsoft Outlook Express has been reported prone to a URI obfuscation vulnerability. This issue is reported to affect version 6.0 of the affected software, other versions might also be affected. An attacker could reportedly get a user to visit...
CVE-2004-0380
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help CHM file that references the InfoTech Storage ITS...
Microsoft Security Bulletin MS04-013
Microsoft Security Bulletin MS04-013 Cumulative Security Update for Outlook Express 837009 Issued: April 13, 2004 Version: 1.0 Summary Who should read this document: Customers who have Microsoft® Outlook Express® installed Impact of vulnerability: Remote Code Execution Maximum Severity Rating:...
NUL Character in message body locks up Outlook/Outlook Express
Hello, A number of Microsoft mail programs fail when they attempt to download a message containing ASCII NUL in the message body. The clients we tested are: Outlook Express 6.00.2800.1106 Outlook 2002 10.2627.3501 SP-1 Outlook 2003 11.5608.5606 Once the client attempts to download the particular...
Microsoft Outlook Express 6.0 - Remote Denial of Service
source: https://www.securityfocus.com/bid/10144/info Microsoft Outlook and Outlook Express have been reported prone to a remote denial of service vulnerability. The issue is reported to present itself when a NULL is encountered in the message body of an e-mail. It is reported that when the...
MS04-013: Cumulative Update for Outlook Express (837009)
The remote host has a version of Outlook Express that has a bug in its MHTML URL processor that could allow an attacker to execute arbitrary code on this host. To exploit this flaw, an attacker would need to send a malformed email to a user of this host using Outlook, or would need to lure him in...
CVE-2004-0380
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help CHM file that references the InfoTech Storage ITS...
CVE-2004-0380
The CVE-2004-0380 issue affects the MHTML URL Processing Vulnerability in Microsoft Outlook Express 5.5 SP2 through 6 SP1, rooted in the MHTML/ITS handling and cross-domain logic. A remote attacker could cause HTML/CHM content to execute arbitrary code in the Local Machine Zone by exploiting ITS,...
Outlook Express MHTML protocol handler does not properly validate source of alternate content
Overview The Outlook Express MIME Encapsulation of Aggregate HTML Documents MHTML protocol handler does not adequately validate the source of alternate content. An attacker could exploit this vulnerability to access data and execute script in different security domains. By causing script to be ru...
ieBad.txt
Wednesday, March 31, 2004 This is somewhat disconcerting. Reference the recently disclosed Internet Explorer 'bug' presently in the wild original discussion: http://www.securityfocus.com/archive/1/358813 with additional input buried thereunder in subsequent threads allowing for complete remote...
Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation
Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation source: https://www.securityfocus.com/bid/10023/info A vulnerability has been identified in Microsoft Internet Explorer that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be...
Microsoft Internet Explorer 6 - HTML Form Status Bar Misrepresentation
source: https://www.securityfocus.com/bid/10023/info A vulnerability has been identified in Microsoft Internet Explorer that allows an attacker to misrepresent the status bar in the browser, allowing vulnerable users to be mislead into following a link to a malicious site. The issue presents itse...
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass MS04-013 source: https://www.securityfocus.com/bid/9658/info Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone. The issue may be exploited via the...
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)
source: https://www.securityfocus.com/bid/9658/info Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone. The issue may be exploited via the ITS InfoTech Storage Protocol URI handler. It is possible to use this...
EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption
Microsoft ASN.1 Library Length Overflow Heap Corruption Release Date: February 10, 2004 Date Reported: July 25, 2003 Severity: High Remote Code Execution Systems Affected: Microsoft Windows NT 4.0 all versions Microsoft Windows 2000 SP3 and earlier Microsoft Windows XP all versions Software...
Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (2)
source: https://www.securityfocus.com/bid/9628/info It has been alleged that Microsoft Internet Explorer is prone to a weakness that may potentially allow for the execution of hostile script code in the context of the My Computer Zone. This issue is related to how shell: URIs are handled by the...
Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting (1)
Microsoft Internet Explorer 5 - Shell: IFrame Cross-Zone Scripting 1 source: https://www.securityfocus.com/bid/9628/info It has been alleged that Microsoft Internet Explorer is prone to a weakness that may potentially allow for the execution of hostile script code in the context of the My Compute...