Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft outlook - vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-0502
Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote malicious users to bypass zone restrictions and exploit other issues that rely on predictable locati...
Microsoft Outlook 2003
1 EDB exploit
5
CVSSv2
CVE-2006-2055
Argument injection vulnerability in Microsoft Outlook 2003 SP1 allows user-assisted remote malicious users to modify command line arguments to an invoked mail client via " (double quote) characters in a mailto: scheme handler, as demonstrated by launching Microsoft Outlook w...
Microsoft Outlook 2003
5.1
CVSSv2
CVE-2002-0481
An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote malicious users to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload hand...
Microsoft Outlook 2002
7.5
CVSSv2
CVE-2004-0121
Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote malicious users to use script code in the Local Machine zone and execute arbitrary program...
Microsoft Outlook 2002
Microsoft Office Xp
1 EDB exploit
5
CVSSv2
CVE-2006-6659
The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote malicious users to cause a denial of service (Internet Explorer 7 hang) via crafted HTML.
Microsoft Outlook
Microsoft Ie 7.0
Microsoft Windows Xp
2 EDB exploits
5
CVSSv2
CVE-2000-0216
Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an malicious user to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribut...
Microsoft Exchange Server
Microsoft Outlook
Microsoft Windows Messaging
3.8
CVSSv2
CVE-2002-2202
Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email.
Microsoft Outlook Express 6.0
5
CVSSv2
CVE-2004-2137
Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote malicious users to obtain sensitive informat...
Microsoft Outlook Express 6.0
4.6
CVSSv2
CVE-2005-0921
Microsoft Outlook 2002 Connector for IBM Lotus Domino 2.0 allows local users to save passwords and login credentials locally, even when password caching is disabled by a group policy.
Microsoft Outlook Connector 2002
7.5
CVSSv2
CVE-2001-0999
Outlook Express 6.00 allows remote malicious users to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script.
Microsoft Outlook Express 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »