Outlook Express Security Vulnerabilities and Issues — Outlook Express CVE List

Lucene search

MicrosoftOutlook Express

3 matches found

CVE•added 2007/10/09 10:17 p.m.•45 views

CVE-2007-3897

Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.

9.3CVSS7.8AI score0.64036EPSS

CVE•added 2007/10/19 10:0 a.m.•43 views

CVE-2003-1378

Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077.

8.8CVSS7.3AI score0.34472EPSS

CVE•added 2007/10/06 8:0 p.m.•34 views

CVE-2004-2694

Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".

5.8CVSS7.1AI score0.17268EPSS