Lucene search
K

5506 matches found

NVD
NVD
added 2001/12/31 5:0 a.m.16 views

CVE-2001-1547

Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code...

7.5CVSS7.4AI score0.13737EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/12/04 12:0 a.m.21 views

Buffer over flow on Outlook express for Macintosh

--------------------------------------------------------------------- Buffer over flow on Outlook express for Macintosh Problem first discoverd:2001.7.26 Discoverd by: awacs@hawkeye Published: 2001.12.03 --------------------------------------------------------------------- Description: Outlook...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/12/04 12:0 a.m.28 views

Переполнение буфера в Outlook Express for Macintosh (buffer overflow)

Переполнение буфера при длинной строке в письме...

2.3AI score
Exploits0References1Affected Software1
NVD
NVD
added 2001/12/03 5:0 a.m.15 views

CVE-2001-0945

Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allows remote attackers to cause a denial of service via an e-mail message that contains a long line...

5CVSS6.9AI score0.19788EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/11/23 12:0 a.m.45 views

Проблемы с Secure Password Authentication в Outlook Express (weak encryption)

Авторизацию в Outlook Expres можно использовать для доступа к корпоративным ресурсам...

1.2AI score
Exploits0Affected Software1
security_vulns
security_vulns
added 2001/11/22 12:0 a.m.30 views

Outlook Express and SPA (Secure Password Authentication)

Topic: Outlook Express and SPA Secure Password Authentication Author: 3APA3A Affected Software: Internet Explorer 5.5, 6.0 Vendor: Microsoft Status: Informational 1. Background: Outlook Express doesn't support CRAM-MD5 or APOP and there is only one way to authenticate user on POP3/IMAP/SMTP serve...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/10/20 12:0 a.m.122 views

Outlook Express and SPA (Secure Password Authentication)

Topic: Outlook Express and SPA Secure Password Authentication Author: 3APA3A [email protected] Affected Software: Internet Explorer 5.5, 6.0 Vendor: Microsoft Status: Informational 1. Background: Outlook Express doesn't support CRAM-MD5 or APOP and there is only one way to authenticate user...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.32 views

CVE-1999-1016

Microsoft HTML control as used in 1 Internet Explorer 5.0, 2 FrontPage Express, 3 Outlook Express 5, and 4 Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service 100% CPU consumption via large HTML form fields such as text inputs in a table cell...

7.4AI score0.07702EPSS
Exploits1References2
NVD
NVD
added 2001/09/12 4:0 a.m.16 views

CVE-2001-0999

Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script...

7.5CVSS7.3AI score0.12292EPSS
Exploits0References4
CVE
CVE
added 2001/09/12 4:0 a.m.46 views

CVE-1999-1033

Affected product: Microsoft Outlook Express prior to 4.72.3612.1700. Root cause: parsing of a message containing .. can cause Outlook to re-enter POP3 command mode. Impact: POP3 session hang (partial availability). Evidence: description and records in CVE-1999-1033 family. Remediation: apply patc...

5CVSS7AI score0.17503EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.25 views

CVE-1999-1033

Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang...

6.5AI score0.17503EPSS
Exploits1References3
securityvulns
securityvulns
added 2001/09/03 12:0 a.m.60 views

Большая дырка в Outlook Express (E-mail execution)

Можно заставить Outlook Express выполнить файл прикрепленный к письму указав тип MIME подразумевающий его немедленное открытие например поточное видео. Кроме того, имеются переполнения буфера. Имя файла обрезается до определенной позиции, что позволяет обойти защиту, используя безопасное...

0.9AI score
Exploits0References6Affected Software1
securityvulns
securityvulns
added 2001/09/03 12:0 a.m.43 views

OE6 + VBS + WSH + WIN200 + XP + HTML.DROPPER

We're examining resubmitting to bugtraq html.dropper now updated to in include an .exe http://www.securityfocus.com/bid/2260 - apparently the manufacturer didn't consider the original submission worthy of fixing as the same problem has been carried over to Outlook Express 6.00. On a default insta...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2001/08/30 12:0 a.m.49 views

Выполнение кода в Outlook Express 6.00 (code execution)

Несмотря на установки зон безопасности можно запустить на выполнение внедренный в письмо .exe-файл используя его как SRC для фрейма...

0.9AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2001/08/30 12:0 a.m.18 views

Outlook Express 6 - Attachment Security Bypass

Outlook Express 6 - Attachment Security Bypass source: https://www.securityfocus.com/bid/3271/info Microsoft Outlook Express 6 contains a new security feature which prevents users from opening potentially harmful file attachments. A vulnerability exists which allows a file embedded within an HTML...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/08/30 12:0 a.m.25 views

carol clickme: Outlook Express 6.00

Wednesday, August 29, 2001 Trivial file attachment execution on the new Outlook Express 6.00 mail and news client. This can be achieved with an amount of engineering and all new so-called security features enabled. The manufacturer http://www.microsoft.com has done a splendid job so farof beefing...

7.2AI score
Exploits0
Exploit DB
Exploit DB
added 2001/08/30 12:0 a.m.23 views

Outlook Express 6 - Attachment Security Bypass

source: https://www.securityfocus.com/bid/3271/info Microsoft Outlook Express 6 contains a new security feature which prevents users from opening potentially harmful file attachments. A vulnerability exists which allows a file embedded within an HTML frame in an email message to bypass the...

7AI score
Exploits0
NVD
NVD
added 2001/06/05 4:0 a.m.17 views

CVE-2001-1088

Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof...

7.5CVSS6.5AI score0.19711EPSS
Exploits1References4
exploitpack
exploitpack
added 2001/06/05 12:0 a.m.11 views

Microsoft Outlook 9798200045 - Address Book Spoofing

Microsoft Outlook 9798200045 - Address Book Spoofing source: https://www.securityfocus.com/bid/2823/info Outlook Express is the standard e-mail client that is shipped with Microsoft Windows 9x/ME/NT. The address book in Outlook Express is normally configured to make entries for all addresses that...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/06/05 12:0 a.m.38 views

Microsoft Outlook 97/98/2000/4/5 - Address Book Spoofing

source: https://www.securityfocus.com/bid/2823/info Outlook Express is the standard e-mail client that is shipped with Microsoft Windows 9x/ME/NT. The address book in Outlook Express is normally configured to make entries for all addresses that are replied to by the user of the mail client. An...

7.4AI score
Exploits0
Rows per page
Query Builder