5458 matches found
CVE-2003-1378
Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077...
CVE-2003-1224
Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing "shoulder surfing" the screen...
Microsoft Outlook Express MHTML Forced File Execution Vulnerability
Description A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML file URIs that reference a non-existent...
Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)
source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML...
Microsoft Outlook Express 6.0 - '.MHTML' Forced File Execution (1)
source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML...
Microsoft Outlook Express 6.0 - .MHTML Forced File Execution (1)
Microsoft Outlook Express 6.0 - .MHTML Forced File Execution 1 source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The proble...
Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)
Microsoft Outlook Express 6.0 - MHTML Forced File Execution 2 source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem...
Microsoft Internet Explorer and Outlook Express MHTML rendering engine incorrectly executes script in Local Computer Zone
Overview There is an MHTML input validation vulnerability in Outlook Express that may lead to arbitrary command and code execution in the Local Computer Zone of a victim host. Description Microsoft systems use components of Microsoft Outlook Express to render MHTML MIME Encapsulation of Aggregate...
Outlook Express plaintext HTML injection
Message content type is determinetd automatically bypassing MIME settings...
TEXT/PLAIN: ALERT("OUTLOOK EXPRESS")
Friday, July 25, 2003 Active Scripting and HTML in a plain text mail message: MIME-Version: 1.0 Content-Type: text/plain; Content-Transfer-Encoding: 7bit X-Source: 25.07.03 http://www.malware.com img dynsrc=javascript:alertfont color=redfoo The above is a legitimate RFC822 mail message in plain...
Microsoft Outlook Express 56 - Script Execution
Microsoft Outlook Express 56 - Script Execution source: https://www.securityfocus.com/bid/8281/info It has been reported that a weakness may have been re-introduced into Microsoft Outlook Express. According to the source, the issue described in Bugtraq ID 3334 had been fixed by Microsoft but...
Microsoft Outlook Express 5/6 - Script Execution
source: https://www.securityfocus.com/bid/8281/info It has been reported that a weakness may have been re-introduced into Microsoft Outlook Express. According to the source, the issue described in Bugtraq ID 3334 had been fixed by Microsoft but appears to have resurfaced. It should be noted that...
Multiple bugs in Internet Explorer/Outlook Express
New cumulative patch announced...
CVE-2003-0301
The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service crash via certain large literal size values that cause either integer signedness errors or integer overflow errors...
Restricted Zone: the OUTLOOK EXPRESS
Tuesday, 20 May, 2003 Silent delivery and installation of an executable on a target computer. No client input other than opening an email or newsgroup post. This can be achieved with the default setting of Outlook Express: RESTRICTED ZONE. Technically the following never worked, cannot work,...
CVE-2003-0301
The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service crash via certain large literal size values that cause either integer signedness errors or integer overflow errors...
CVE-2003-0301
CVE-2003-0301 concerns the IMAP Client for Outlook Express 6.00.2800.1106. The issue is triggered by certain large literal size values that cause integer signedness or integer overflow errors during parsing, enabling remote servers to induce a denial of service (crash). The public sources in the ...
Microsoft Security Bulletin MS03-014: Cumulative Patch for Outlook Express (330994)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Cumulative Patch for Outlook Express 330994 Date: 23 April 2003 Software: Microsoft c Outlook Express Impact: Run code of the attacker's choice on a user's machine. Max Risk: Critica...
CVE-2002-0339
Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding CEF enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length...
Microsoft Outlook2000/Express 6.0 - Arbitrary Program Execution
source: https://www.securityfocus.com/bid/6923/info Microsoft Outlook and Outlook Express may execute arbitrary programs through objects embedded in HTML email messages. When an email message or newsgroup message is viewed using Outlook, a temporary object is created in the Internet Explorer cach...