Lucene search
K

5458 matches found

securityvulns
securityvulns
added 2002/04/24 12:0 a.m.31 views

Special DOS-device access in Microsoft Outlook Express

It's possible to hang Outlooks Express by using prn: device as a name for bgsound or iframe. It's also possible to send data to special device...

2.3AI score
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2002/04/24 12:0 a.m.20 views

Microsoft Outlook Express 5.5 - Denial of Service Device Denial of Service

source: https://www.securityfocus.com/bid/4584/info A denial of service issue has been reported in Microsoft Outlook Express. Reportedly, Outlook Express does not adequately handle unusually crafted HTML mail messages. Modifying the BGSOUND or IFRAME tag to contain a URL pointing to a DOS device,...

7AI score
Exploits0
securityvulns
securityvulns
added 2002/04/17 12:0 a.m.40 views

w00w00 on Microsoft IE/Office for Mac OS

w00w00 http://www.w00w00.org Angry Packet Security http://sec.angrypacket.com Vulnerability in Multiple Microsoft Products for Mac OS HTML format: http://www.w00w00.org/advisories/msmacos.html Text format: http://www.w00w00.org/files/advisories/msmacos.txt SOFTWARE VERSIONS AFFECTED Microsft...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2002/04/15 12:0 a.m.32 views

More fun with html mail: Outlook Express, Internet Explorer, Other etc

Sunday, April 14, 2002 1. Not Possible Technically it cannot be possible to create an html mail message from a mailto url scheme without user input. However shoe-horning html in through insertion of script tags does make it possible. Default installation of Outlook Express and probably Outlook, i...

Exploits0
securityvulns
securityvulns
added 2002/04/03 12:0 a.m.42 views

Outlook Express Attach Execution Exploit (img tag + innerHTML + TIF dos name)

Using some informations posted on Bugtraq in this week, I found a very simple way to exploit "download&execution" of an .EXE file, directly from Outlook Express. This is my report: When an HTML page attached into a message, is started, it runs in the security zone of "Temporary Internet Files" TI...

6.6AI score
Exploits0
securityvulns
securityvulns
added 2002/03/28 12:0 a.m.25 views

HELP.dropper: IE6, OE6, Outlook...lookOut

Thursday, 28 March, 2002 Silent delivery and installation of an executable on a target computer. No client input other than opening an email or newsgroup post or web site. This can be accomplished with the default installation of Internet Explorer 6.0, Outlook Express 6.0 and probably Outlook and...

6.7AI score
Exploits0
CERT
CERT
added 2002/03/04 12:0 a.m.35 views

Cisco IOS discloses fragments of previous packets when Express Forwarding is enabled

Overview A vulnerability exists in multiple versions of Cisco's Internetworking Operating System IOS software that allows an attacker to collect fragments of previously processed packets. Description Many networking devices running Cisco IOS with Cisco Express Forwarding CEF enabled contain a...

5CVSS6AI score0.01781EPSS
Exploits0References2
securityvulns
securityvulns
added 2002/02/28 12:0 a.m.33 views

Cisco Security Advisory: Data Leak with Cisco Express Forwarding

-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: Data Leak with Cisco Express Forwarding Enabled Revision 1.0 For Public Release 2002 February 27 08:00 UTC -0800 - -------------------------------------------------------------------------- Summary ======= All Cisco devices running Cisco...

7.2AI score
Exploits0
Cisco
Cisco
added 2002/02/27 4:0 p.m.24 views

Data Leak with Cisco Express Forwarding Enabled

...

5CVSS1.9AI score0.01781EPSS
Exploits0References1
CVE
CVE
added 2002/02/02 5:0 a.m.51 views

CVE-2001-0945

CVE-2001-0945 describes a buffer overflow in Outlook Express 5.0–5.02 for Macintosh triggered by an email message containing a long line, allowing remote attackers to cause a denial of service. The underlying issue is a buffer overflow in handling long lines; impact is a denial of service with pa...

5CVSS7.3AI score0.19788EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.22 views

CVE-2001-0999

Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script...

7.3AI score0.12292EPSS
Exploits0References4
CVE
CVE
added 2002/02/02 5:0 a.m.53 views

CVE-2001-0999

CVE-2001-0999 concerns Outlook Express 6.00, where remote attackers could cause arbitrary script execution by embedding SCRIPT tags in a message with MIME type text/plain. This contradicts the expected behavior that text/plain messages do not run scripts. The available references (NVD, CVE List) ...

7.5CVSS7.7AI score0.12292EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.18 views

CVE-2001-0945

Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allows remote attackers to cause a denial of service via an e-mail message that contains a long line...

6.9AI score0.19788EPSS
Exploits0References3
NVD
NVD
added 2001/12/31 5:0 a.m.15 views

CVE-2001-1547

Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code...

7.5CVSS7.4AI score0.13737EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/12/04 12:0 a.m.27 views

Переполнение буфера в Outlook Express for Macintosh (buffer overflow)

Переполнение буфера при длинной строке в письме...

2.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/12/04 12:0 a.m.19 views

Buffer over flow on Outlook express for Macintosh

--------------------------------------------------------------------- Buffer over flow on Outlook express for Macintosh Problem first discoverd:2001.7.26 Discoverd by: awacs@hawkeye Published: 2001.12.03 --------------------------------------------------------------------- Description: Outlook...

0.1AI score
Exploits0
NVD
NVD
added 2001/12/03 5:0 a.m.13 views

CVE-2001-0945

Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allows remote attackers to cause a denial of service via an e-mail message that contains a long line...

5CVSS6.9AI score0.19788EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/11/23 12:0 a.m.43 views

Проблемы с Secure Password Authentication в Outlook Express (weak encryption)

Авторизацию в Outlook Expres можно использовать для доступа к корпоративным ресурсам...

1.2AI score
Exploits0Affected Software1
security_vulns
security_vulns
added 2001/11/22 12:0 a.m.27 views

Outlook Express and SPA (Secure Password Authentication)

Topic: Outlook Express and SPA Secure Password Authentication Author: 3APA3A Affected Software: Internet Explorer 5.5, 6.0 Vendor: Microsoft Status: Informational 1. Background: Outlook Express doesn't support CRAM-MD5 or APOP and there is only one way to authenticate user on POP3/IMAP/SMTP serve...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/10/20 12:0 a.m.121 views

Outlook Express and SPA (Secure Password Authentication)

Topic: Outlook Express and SPA Secure Password Authentication Author: 3APA3A [email protected] Affected Software: Internet Explorer 5.5, 6.0 Vendor: Microsoft Status: Informational 1. Background: Outlook Express doesn't support CRAM-MD5 or APOP and there is only one way to authenticate user...

7.3AI score
Exploits0
Rows per page
Query Builder