Lucene search
K

5458 matches found

NVD
NVD
added 2003/12/31 5:0 a.m.23 views

CVE-2003-1378

Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077...

8.8CVSS7.2AI score0.15583EPSS
Exploits1References4
NVD
NVD
added 2003/12/31 5:0 a.m.19 views

CVE-2003-1224

Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing "shoulder surfing" the screen...

2.1CVSS6.6AI score0.00365EPSS
Exploits0References2
Symantec
Symantec
added 2003/11/25 12:0 a.m.14 views

Microsoft Outlook Express MHTML Forced File Execution Vulnerability

Description A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML file URIs that reference a non-existent...

6.7AI score
Exploits0References2Affected Software9
Exploit DB
Exploit DB
added 2003/11/25 12:0 a.m.24 views

Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)

source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/11/25 12:0 a.m.22 views

Microsoft Outlook Express 6.0 - '.MHTML' Forced File Execution (1)

source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/11/25 12:0 a.m.13 views

Microsoft Outlook Express 6.0 - .MHTML Forced File Execution (1)

Microsoft Outlook Express 6.0 - .MHTML Forced File Execution 1 source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The proble...

7.5AI score
Exploits0
exploitpack
exploitpack
added 2003/11/25 12:0 a.m.12 views

Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)

Microsoft Outlook Express 6.0 - MHTML Forced File Execution 2 source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem...

7.5AI score
Exploits0
CERT
CERT
added 2003/08/02 12:0 a.m.26 views

Microsoft Internet Explorer and Outlook Express MHTML rendering engine incorrectly executes script in Local Computer Zone

Overview There is an MHTML input validation vulnerability in Outlook Express that may lead to arbitrary command and code execution in the Local Computer Zone of a victim host. Description Microsoft systems use components of Microsoft Outlook Express to render MHTML MIME Encapsulation of Aggregate...

7.5CVSS7.5AI score0.26675EPSS
Exploits0References6
securityvulns
securityvulns
added 2003/07/26 12:0 a.m.31 views

Outlook Express plaintext HTML injection

Message content type is determinetd automatically bypassing MIME settings...

1.1AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2003/07/26 12:0 a.m.20 views

TEXT/PLAIN: ALERT("OUTLOOK EXPRESS")

Friday, July 25, 2003 Active Scripting and HTML in a plain text mail message: MIME-Version: 1.0 Content-Type: text/plain; Content-Transfer-Encoding: 7bit X-Source: 25.07.03 http://www.malware.com img dynsrc=javascript:alertfont color=redfoo The above is a legitimate RFC822 mail message in plain...

6.3AI score
Exploits0
exploitpack
exploitpack
added 2003/07/25 12:0 a.m.10 views

Microsoft Outlook Express 56 - Script Execution

Microsoft Outlook Express 56 - Script Execution source: https://www.securityfocus.com/bid/8281/info It has been reported that a weakness may have been re-introduced into Microsoft Outlook Express. According to the source, the issue described in Bugtraq ID 3334 had been fixed by Microsoft but...

7.5AI score
Exploits0
Exploit DB
Exploit DB
added 2003/07/25 12:0 a.m.17 views

Microsoft Outlook Express 5/6 - Script Execution

source: https://www.securityfocus.com/bid/8281/info It has been reported that a weakness may have been re-introduced into Microsoft Outlook Express. According to the source, the issue described in Bugtraq ID 3334 had been fixed by Microsoft but appears to have resurfaced. It should be noted that...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/07/14 12:0 a.m.30 views

Multiple bugs in Internet Explorer/Outlook Express

New cumulative patch announced...

1.6AI score
Exploits0References6Affected Software1
NVD
NVD
added 2003/06/16 4:0 a.m.19 views

CVE-2003-0301

The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service crash via certain large literal size values that cause either integer signedness errors or integer overflow errors...

5CVSS7AI score0.05978EPSS
Exploits0References1
securityvulns
securityvulns
added 2003/05/22 12:0 a.m.30 views

Restricted Zone: the OUTLOOK EXPRESS

Tuesday, 20 May, 2003 Silent delivery and installation of an executable on a target computer. No client input other than opening an email or newsgroup post. This can be achieved with the default setting of Outlook Express: RESTRICTED ZONE. Technically the following never worked, cannot work,...

6.8AI score
Exploits0
Cvelist
Cvelist
added 2003/05/15 4:0 a.m.20 views

CVE-2003-0301

The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service crash via certain large literal size values that cause either integer signedness errors or integer overflow errors...

7AI score0.05978EPSS
Exploits0References1
CVE
CVE
added 2003/05/15 4:0 a.m.50 views

CVE-2003-0301

CVE-2003-0301 concerns the IMAP Client for Outlook Express 6.00.2800.1106. The issue is triggered by certain large literal size values that cause integer signedness or integer overflow errors during parsing, enabling remote servers to induce a denial of service (crash). The public sources in the ...

5CVSS7.3AI score0.05978EPSS
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2003/04/25 12:0 a.m.53 views

Microsoft Security Bulletin MS03-014: Cumulative Patch for Outlook Express (330994)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Cumulative Patch for Outlook Express 330994 Date: 23 April 2003 Software: Microsoft c Outlook Express Impact: Run code of the attacker's choice on a user's machine. Max Risk: Critica...

6.5AI score
Exploits0
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.23 views

CVE-2002-0339

Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding CEF enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length...

6.4AI score0.01781EPSS
Exploits0References5
Exploit DB
Exploit DB
added 2003/02/24 12:0 a.m.37 views

Microsoft Outlook2000/Express 6.0 - Arbitrary Program Execution

source: https://www.securityfocus.com/bid/6923/info Microsoft Outlook and Outlook Express may execute arbitrary programs through objects embedded in HTML email messages. When an email message or newsgroup message is viewed using Outlook, a temporary object is created in the Internet Explorer cach...

7.4AI score
Exploits0
Rows per page
Query Builder