Lucene search
K

5458 matches found

exploitpack
exploitpack
added 2002/08/15 12:0 a.m.14 views

Microsoft Outlook Express 56 - MHTML URL Handler File Rendering

Microsoft Outlook Express 56 - MHTML URL Handler File Rendering source: https://www.securityfocus.com/bid/5473/info Microsoft Outlook Express introduced a URL handler called MHTML MIME Encapsulation of Aggregate HTML. This allows Internet Explorer to pass MHTML files to Outlook Express for...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/15 12:0 a.m.42 views

Microsoft Outlook Express 5/6 - MHTML URL Handler File Rendering

source: https://www.securityfocus.com/bid/5473/info Microsoft Outlook Express introduced a URL handler called MHTML MIME Encapsulation of Aggregate HTML. This allows Internet Explorer to pass MHTML files to Outlook Express for rendering. The MHTML URL handler does not validate the file type it is...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/07/29 12:0 a.m.15 views

Microsoft Outlook Express 6 - .XML File Attachment Script Execution

Microsoft Outlook Express 6 - .XML File Attachment Script Execution source: https://www.securityfocus.com/bid/5350/info An error has been reported in Microsoft Outlook Express which may allow malicious XML file attachments to execute arbitrary code in the context of the local system. Code executi...

7.5AI score
Exploits0
Exploit DB
Exploit DB
added 2002/07/29 12:0 a.m.22 views

Microsoft Outlook Express 6 - '.XML' File Attachment Script Execution

source: https://www.securityfocus.com/bid/5350/info An error has been reported in Microsoft Outlook Express which may allow malicious XML file attachments to execute arbitrary code in the context of the local system. Code execution could occur when the file attachment is opened, without further...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/07/20 12:0 a.m.10 views

Microsoft Outlook Express 56 - Spoofable File Extensions

Microsoft Outlook Express 56 - Spoofable File Extensions source: https://www.securityfocus.com/bid/5277/info It is possible for a malicious user, sending email via a mail agent capable of manipulating the MIME headers, to spoof file extensions for users of Outlook Express. For example, an .exe fi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/07/20 12:0 a.m.21 views

Microsoft Outlook Express 5/6 - Spoofable File Extensions

source: https://www.securityfocus.com/bid/5277/info It is possible for a malicious user, sending email via a mail agent capable of manipulating the MIME headers, to spoof file extensions for users of Outlook Express. For example, an .exe file can be made to look like a .txt or other seemingly...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2002/07/04 4:0 a.m.18 views

CVE-2002-0637

InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having or missing space characters in unexpected places aka "space gap", such as 1 Content-Type :", 2 "Content-Transfer-Encoding :", 3 no spac...

6.7AI score0.05746EPSS
Exploits0References2
CVE
CVE
added 2002/06/25 4:0 a.m.63 views

CVE-2001-1088

Affected products: Microsoft Outlook 8.5 and earlier; Outlook Express 5 and earlier. Vulnerability: When the option “Automatically put people I reply to in my address book” is enabled, the client does not notify the user if the reply-to address differs from the from address, enabling a remote att...

7.5CVSS6.9AI score0.19711EPSS
Exploits1References4Affected Software2
NVD
NVD
added 2002/06/25 4:0 a.m.26 views

CVE-2002-0339

Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding CEF enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length...

5CVSS6.5AI score0.01781EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2002/06/05 12:0 a.m.27 views

Cisco IOS Cisco Express Forwarding (CEF) Previous Packet Information Disclosure (CSCdu20643)

If the remote device has Cisco Express Forwarding CEF enabled, it may leak information from previous packets that have been handled by the device. An attacker may use this flaw to sniff your network remotely. This vulnerability is documented as Cisco Bug ID CSCdu20643. C Tenable Network Security,...

5CVSS5.6AI score0.01781EPSS
Exploits0References1
NVD
NVD
added 2002/05/31 4:0 a.m.14 views

CVE-2002-0285

Outlook Express 5.5 and 6.0 on Windows treats a carriage return "CR" in a message header as if it were a valid carriage return/line feed combination CR/LF, which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only...

7.5CVSS6.7AI score0.12316EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/05/17 12:0 a.m.53 views

Re: dH team & SECURITY.NNOV: special device access, information leakage and DoS in Outlook Express

At Wednesday 5/15/2002 03:11 PM +0400, you wrote: Title: Special device access and DoS in Microsoft Internet Exporer/Outlook Express/Outlook All versions of Windows have a reserved filenames referred to special devices such as prn, aux, nul, etc also called DOS devices. This might be related to a...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2002/05/15 12:0 a.m.47 views

dH team & SECURITY.NNOV: special device access, information leakage and DoS in Outlook Express

Русская версия этой advisory приведена ниже. Original version of this advisory: http://www.security.nnov.ru/advisories/msiedos.asp Title: Special device access and DoS in Microsoft Internet Exporer/Outlook Express/Outlook Authors: ERRor, 3APA3A Date: May, 14 2002 Affected: Internet Explorer 6.0...

Exploits0
security_vulns
security_vulns
added 2002/05/14 12:0 a.m.25 views

Special device access and DoS in Microsoft Internet Exporer

Title: special device access and DoS in Microsoft Internet Exporer/Outlook Express/Outlook Authors: ERRor, 3APA3A Date: May, 14 2002 Affected: Internet Explorer 6.0 Vendor: Microsoft Risk: Average to high Remote: Yes Exploitable: Yes Vendor notified: April, 24 2002 Intro: All versions of Windows...

0.2AI score
Exploits0
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.24 views

CVE-2002-0285

Outlook Express 5.5 and 6.0 on Windows treats a carriage return "CR" in a message header as if it were a valid carriage return/line feed combination CR/LF, which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only...

6.7AI score0.12316EPSS
Exploits0References3
CVE
CVE
added 2002/05/03 4:0 a.m.61 views

CVE-2002-0285

Outlook Express 5.5 and 6.0 on Windows is affected. A CR in a message header is treated as a valid CR/LF, allowing header splitting that can bypass virus protection and other filters by sending a mail message whose headers contain only the CR, which causes Outlook to create separate headers. Root...

7.5CVSS7.1AI score0.12316EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.35 views

CVE-2001-1325

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets XSL that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host WSH...

7.6AI score0.27292EPSS
Exploits1References3
CVE
CVE
added 2002/05/03 4:0 a.m.68 views

CVE-2001-1325

CVE-2001-1325 affects Internet Explorer 5.0/5.5 and Outlook Express 5.0/5.5. The vulnerability allows remote script execution when Active Scripting is disabled if scripts are embedded in XML stylesheets (XSL) loaded via an IFRAME, potentially tied to Windows Scripting Host (WSH). OpenVAS findings...

7.5CVSS7.6AI score0.27292EPSS
Exploits1References3Affected Software2
securityvulns
securityvulns
added 2002/04/24 12:0 a.m.22 views

Special DOS device DoS against Microsoft Outlook Express

Summary: ======== Affected: Outlook Express 5.5, 6.0 with all fixes Not tested: Microsoft Outlook Vendor: Microsoft Risk: Average Remote: Yes Exploitable: Yes Description: ========== Outlook Express hangs on HTML message with BGSOUND or IFRAME tag pointing to special device. Outlook Express will...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2002/04/24 12:0 a.m.10 views

Microsoft Outlook Express 5.5 - Denial of Service Device Denial of Service

Microsoft Outlook Express 5.5 - Denial of Service Device Denial of Service source: https://www.securityfocus.com/bid/4584/info A denial of service issue has been reported in Microsoft Outlook Express. Reportedly, Outlook Express does not adequately handle unusually crafted HTML mail messages...

7.3AI score
Exploits0
Rows per page
Query Builder