Lucene search

K
MicrosoftOutlook Express5.5

13 matches found

CVE
CVE
added 2010/05/12 11:46 a.m.119 views

CVE-2010-0816

Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, an...

9.3CVSS7.6AI score0.55445EPSS
CVE
CVE
added 2004/08/06 4:0 a.m.62 views

CVE-2004-0526

Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attac...

5CVSS7AI score0.51338EPSS
CVE
CVE
added 2008/08/13 12:41 a.m.60 views

CVE-2008-1448

The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via a...

7.1CVSS6.2AI score0.45538EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.57 views

CVE-2001-1325

Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute scripts when Active Scripting is disabled by including the scripts in XML stylesheets (XSL) that are referenced using an IFRAME tag, possibly due to a vulnerability in Windows Scripting Host (WSH).

7.5CVSS7.6AI score0.13842EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.53 views

CVE-2001-1088

Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof le...

7.5CVSS6.9AI score0.31947EPSS
CVE
CVE
added 2002/05/31 4:0 a.m.50 views

CVE-2002-0285

Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only c...

7.5CVSS7.1AI score0.06992EPSS
CVE
CVE
added 2005/06/14 4:0 a.m.50 views

CVE-2005-1213

Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.

7.5CVSS7.6AI score0.83908EPSS
CVE
CVE
added 2001/06/02 4:0 a.m.45 views

CVE-2001-0322

MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object.

5CVSS6.8AI score0.13452EPSS
CVE
CVE
added 2004/05/04 4:0 a.m.42 views

CVE-2004-0380

The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) ...

10CVSS7.1AI score0.81694EPSS
CVE
CVE
added 2006/04/12 12:2 a.m.42 views

CVE-2006-0014

Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values.

5.1CVSS7.5AI score0.41401EPSS
CVE
CVE
added 2006/12/13 1:28 a.m.42 views

CVE-2006-2386

Unspecified vulnerability in Microsoft Outlook Express 6 and earlier allows remote attackers to execute arbitrary code via a crafted contact record in a Windows Address Book (WAB) file.

6.8CVSS7.4AI score0.54734EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.41 views

CVE-2002-1179

Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message.

7.5CVSS8.2AI score0.4647EPSS
CVE
CVE
added 2005/11/16 9:17 p.m.41 views

CVE-2002-2164

Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long <a href> link.

5CVSS7.2AI score0.30063EPSS