Lucene search
K

5458 matches found

CVE
CVE
added 2001/09/12 4:0 a.m.45 views

CVE-1999-1033

Affected product: Microsoft Outlook Express prior to 4.72.3612.1700. Root cause: parsing of a message containing .. can cause Outlook to re-enter POP3 command mode. Impact: POP3 session hang (partial availability). Evidence: description and records in CVE-1999-1033 family. Remediation: apply patc...

5CVSS7AI score0.17503EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.31 views

CVE-1999-1016

Microsoft HTML control as used in 1 Internet Explorer 5.0, 2 FrontPage Express, 3 Outlook Express 5, and 4 Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service 100% CPU consumption via large HTML form fields such as text inputs in a table cell...

7.4AI score0.07702EPSS
Exploits1References2
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.24 views

CVE-1999-1033

Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang...

6.5AI score0.17503EPSS
Exploits1References3
NVD
NVD
added 2001/09/12 4:0 a.m.15 views

CVE-2001-0999

Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script...

7.5CVSS7.3AI score0.12292EPSS
Exploits0References4
securityvulns
securityvulns
added 2001/09/03 12:0 a.m.53 views

Большая дырка в Outlook Express (E-mail execution)

Можно заставить Outlook Express выполнить файл прикрепленный к письму указав тип MIME подразумевающий его немедленное открытие например поточное видео. Кроме того, имеются переполнения буфера. Имя файла обрезается до определенной позиции, что позволяет обойти защиту, используя безопасное...

0.9AI score
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2001/09/03 12:0 a.m.42 views

OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER

We're examining resubmitting to bugtraq html.dropper now updated to in include an .exe http://www.securityfocus.com/bid/2260 - apparently the manufacturer didn't consider the original submission worthy of fixing as the same problem has been carried over to Outlook Express 6.00. On a default insta...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2001/08/30 12:0 a.m.48 views

Выполнение кода в Outlook Express 6.00 (code execution)

Несмотря на установки зон безопасности можно запустить на выполнение внедренный в письмо .exe-файл используя его как SRC для фрейма...

0.9AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/08/30 12:0 a.m.24 views

carol clickme: Outlook Express 6.00

Wednesday, August 29, 2001 Trivial file attachment execution on the new Outlook Express 6.00 mail and news client. This can be achieved with an amount of engineering and all new so-called security features enabled. The manufacturer http://www.microsoft.com has done a splendid job so farof beefing...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2001/08/30 12:0 a.m.16 views

Outlook Express 6 - Attachment Security Bypass

Outlook Express 6 - Attachment Security Bypass source: https://www.securityfocus.com/bid/3271/info Microsoft Outlook Express 6 contains a new security feature which prevents users from opening potentially harmful file attachments. A vulnerability exists which allows a file embedded within an HTML...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/08/30 12:0 a.m.23 views

Outlook Express 6 - Attachment Security Bypass

source: https://www.securityfocus.com/bid/3271/info Microsoft Outlook Express 6 contains a new security feature which prevents users from opening potentially harmful file attachments. A vulnerability exists which allows a file embedded within an HTML frame in an email message to bypass the...

7AI score
Exploits0
NVD
NVD
added 2001/06/05 4:0 a.m.14 views

CVE-2001-1088

Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof...

7.5CVSS6.5AI score0.19711EPSS
Exploits1References4
exploitpack
exploitpack
added 2001/06/05 12:0 a.m.9 views

Microsoft Outlook 9798200045 - Address Book Spoofing

Microsoft Outlook 9798200045 - Address Book Spoofing source: https://www.securityfocus.com/bid/2823/info Outlook Express is the standard e-mail client that is shipped with Microsoft Windows 9x/ME/NT. The address book in Outlook Express is normally configured to make entries for all addresses that...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/06/05 12:0 a.m.37 views

Microsoft Outlook 97/98/2000/4/5 - Address Book Spoofing

source: https://www.securityfocus.com/bid/2823/info Outlook Express is the standard e-mail client that is shipped with Microsoft Windows 9x/ME/NT. The address book in Outlook Express is normally configured to make entries for all addresses that are replied to by the user of the mail client. An...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/06/02 12:0 a.m.152 views

SECURITY.NNOV: Outlook Express address book vulnerability

Issue : Outlook Express address book allows messages to be intercepted by 3rd party Date Released : 16 March 2001 Vendor Notified : 16 March 2001 Author : 3APA3A [email protected] Affected : Outlook Exress 5.5SP1 and prior Discovered : 18 December 2000 by 3APA3A Remotely Exploitable : Yes...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2001/04/21 12:0 a.m.26 views

iexslt.txt

[email protected] Georgi Guninski security advisory 43, 2001 XML scripting in IE, Outlook Express Systems affected: Internet Explorer 5.x - including full patched up to now though Microsoft cannot reproduce the problem on fully patched IE 5.x ,Outlook Express probably Outlook have not tested...

7.4AI score
Exploits0
NVD
NVD
added 2001/04/20 4:0 a.m.25 views

CVE-2001-1325

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets XSL that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host WSH...

7.5CVSS6.6AI score0.27292EPSS
Exploits1References3
exploitpack
exploitpack
added 2001/04/20 12:0 a.m.14 views

Microsoft Internet Explorer 5.05.5 OE 5.5 - XML Stylesheets Active Scripting

Microsoft Internet Explorer 5.05.5 OE 5.5 - XML Stylesheets Active Scripting source: https://www.securityfocus.com/bid/2633/info A vulnerability exists in the handling of XML stylesheets in Internet Explorer and Outlook Express. If active scripting is disabled in all security zones, IE and OE wil...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2001/04/20 12:0 a.m.34 views

Microsoft Internet Explorer 5.0/5.5 / OE 5.5 - XML Stylesheets Active Scripting

source: https://www.securityfocus.com/bid/2633/info A vulnerability exists in the handling of XML stylesheets in Internet Explorer and Outlook Express. If active scripting is disabled in all security zones, IE and OE will still allow script to run if it is contained in the stylesheet of an XML...

7.4AI score
Exploits0
security_vulns
security_vulns
added 2001/04/16 12:0 a.m.54 views

Microsoft Outlook Express address book vulnerability

Issue : Outlook Express address book allows messages to be intercepted by 3rd party Date Released : 16 March 2001 Vendor Notified : 16 March 2001 Affected : Outlook Exress 5.5SP1 and prior Risk : Low/Average Discovered : 18 December 2000 by 3APA3A Remotely Exploitable : Yes Vendor URL :...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/04/07 12:0 a.m.71 views

A subject line buffer overflow in Outlook Express (was Re: EML Content Spoofing and Informed Consent)

----- Original Message ----- From: "Dan Kaminsky" [email protected] To: [email protected] Sent: Wednesday, April 04, 2001 5:52 PM Subject: EML Content Spoofing and Informed Consent was: Re: MS patch Q292108 opens a vulnerability snip The short version of this: If I try to open a MP3 file...

7.5AI score
Exploits0
Rows per page
Query Builder