Outlook Express@* Security Vulnerabilities and Issues — Outlook Express@* CVE List

Lucene search

MicrosoftOutlook Express*

5 matches found

CVE•added 2007/07/27 10:30 p.m.•48 views

CVE-2007-4040

Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command l...

8.8CVSS8.1AI score0.49726EPSS

CVE•added 2001/09/12 4:0 a.m.•47 views

CVE-1999-1164

Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.

5CVSS7AI score0.06904EPSS

CVE•added 2007/10/09 10:17 p.m.•45 views

CVE-2007-3897

Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.

9.3CVSS7.8AI score0.64036EPSS

CVE•added 2000/01/04 5:0 a.m.•40 views

CVE-1999-0967

Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.

10CVSS7.5AI score0.17916EPSS

CVE•added 2001/09/12 4:0 a.m.•33 views

CVE-1999-1033

Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.

5CVSS7AI score0.08757EPSS