Lucene search
K

5458 matches found

securityvulns
securityvulns
added 2003/02/22 12:0 a.m.25 views

O UT LO OK E XPRE SS 6 .00 : broken

Saturday, February 22, 2003 Technical silent delivery and installation of an executable no client input other than reading an email or viewing a newsgroup message. Outlook Express 6.00 SP1 Cumulative Pack 1 2 3 4 whatever. This should not be possible. When viewing an email message or a newsgroup...

7.1AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.10 views

CVE-2002-2202

Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email...

3.8CVSS6.1AI score0.01295EPSS
Exploits1References2
NVD
NVD
added 2002/11/04 5:0 a.m.19 views

CVE-2002-1169

IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to cause a denial of service crash via an HTTP request to helpout.exe with a missing HTTP version number, which causes ibmproxy.exe to crash...

5CVSS6.5AI score0.07124EPSS
Exploits1References5
NVD
NVD
added 2002/11/04 5:0 a.m.12 views

CVE-2002-1168

Cross-site scripting XSS vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" CRLF sequence, which echoes the Location as an HTTP...

6.8CVSS5.9AI score0.01635EPSS
Exploits0References2
NVD
NVD
added 2002/11/04 5:0 a.m.11 views

CVE-2002-1167

Cross-site scripting XSS vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP GET request...

6.8CVSS5.9AI score0.03278EPSS
Exploits0References2
NVD
NVD
added 2002/10/28 5:0 a.m.17 views

CVE-2002-1179

Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message...

7.5CVSS7.8AI score0.2022EPSS
Exploits0References6
Cvelist
Cvelist
added 2002/10/25 4:0 a.m.15 views

CVE-2002-1167

Cross-site scripting XSS vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP GET request...

5.9AI score0.03278EPSS
Exploits0References2
CVE
CVE
added 2002/10/25 4:0 a.m.55 views

CVE-2002-1168

CVE-2002-1168 describes a cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26. An attacker can force the server to echo a CRLF-containing Location header (%0a%0d) in HTTP responses, allowing script execution in the context of anothe...

6.8CVSS6.1AI score0.01635EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2002/10/25 4:0 a.m.50 views

CVE-2002-1167

IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x prior to 4.0.1.26 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to execute scripts as other users via an HTTP GET request. The connected documents confirm the affected product and method but do not p...

6.8CVSS5.9AI score0.03278EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2002/10/25 4:0 a.m.15 views

CVE-2002-1168

Cross-site scripting XSS vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to execute script as other users via an HTTP request that contains an Location: header with a "%0a%0d" CRLF sequence, which echoes the Location as an HTTP...

5.9AI score0.01635EPSS
Exploits0References2
securityvulns
securityvulns
added 2002/10/11 12:0 a.m.44 views

Outlook Express Remote Code Execution in Preview Pane (S/MIME)

Outlook Remote Code Execution in Preview Pane S/MIME ------------------------------------------------------------------------ Article reference: http://www.securiteam.com/windowsntfocus/6D00B005PU.html SUMMARY The S/MIME standard attempts to raise the level of trust of email messages by enabling...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2002/10/11 12:0 a.m.43 views

Security Bulletin MS02-058: Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Q328676)

---------------------------------------------------------------------- Title: Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise Q328676 Date: 10 October 2002 Software: Outlook Express Impact: Run code of attacker's choice. Max Risk: Critical Bulletin: MS02-058...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2002/10/11 12:0 a.m.48 views

Outlook Express S/MIME buffer voerflow

Buffer overflow on certificate warning window...

3.5AI score
Exploits0References2Affected Software1
CERT
CERT
added 2002/10/11 12:0 a.m.29 views

Microsoft Java implementation allows execution of malicious code

Overview A class in Microsoft's Java virtual machine VM does not properly validate trusted applets, allowing untrusted applets to exploit native methods and execute arbitrary code. Description Microsoft's Java VM is installed on Windows 98, NT, 2000, and xp. It is used by Internet Explorer and...

7.5CVSS7.1AI score0.19841EPSS
Exploits0References2
exploitpack
exploitpack
added 2002/10/10 12:0 a.m.12 views

Microsoft Outlook Express 5.56.0 - SMIME Buffer Overflow

Microsoft Outlook Express 5.56.0 - SMIME Buffer Overflow source: https://www.securityfocus.com/bid/5944/info Microsoft Outlook Express contains an unchecked buffer in the code that generates warning messages when certain error conditions associated with digital signatures are encountered. Executi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/10 12:0 a.m.28 views

Microsoft Outlook Express 5.5/6.0 - S/MIME Buffer Overflow

source: https://www.securityfocus.com/bid/5944/info Microsoft Outlook Express contains an unchecked buffer in the code that generates warning messages when certain error conditions associated with digital signatures are encountered. Execution of arbitrary code in the security context of the curre...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/09/12 12:0 a.m.38 views

Bypassing SMTP Content Protection with a Flick of a Button

Bypassing SMTP Content Protection with a Flick of a Button ------------------------------------------------------------------------ Article reference: http://www.securiteam.com/securitynews/5YP0A0K8CM.html SUMMARY Forget underground hacking tools. How about using Outlook Express as your attack...

6.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2002/09/10 12:0 a.m.3 views

PT-2002-1876 · Microsoft · Outlook Express For Mac +3

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 98 through XP Office for Mac affected versions not specified Internet Explorer for Mac affected versions not specified Outlook Express for Mac affected versions not specified Description: The issue concerns the...

6.8CVSS6.2AI score0.18675EPSS
Exploits0References12
exploitpack
exploitpack
added 2002/09/09 12:0 a.m.18 views

Alleged Outlook Express 56 Link - Denial of Service

Alleged Outlook Express 56 Link - Denial of Service source: https://www.securityfocus.com/bid/5682/info Reportedly, when decoding a HTML email, Outlook Express will stop responding upon encountering a link longer than 4095 characters. It is not confirmed why this behaviour occurs...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/09/09 12:0 a.m.30 views

Alleged Outlook Express 5/6 Link - Denial of Service

source: https://www.securityfocus.com/bid/5682/info Reportedly, when decoding a HTML email, Outlook Express will stop responding upon encountering a link longer than 4095 characters. It is not confirmed why this behaviour occurs...

7.4AI score
Exploits0
Rows per page
Query Builder