Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
outlook express vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2002-1179
Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote malicious users to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the mes...
Microsoft Outlook Express 6.0
Microsoft Outlook Express 5.5
1 EDB exploit
454
VMScore
CVE-2006-0014
Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote malicious users to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values.
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6.0
668
VMScore
CVE-2002-0285
Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote malicious users to bypass virus protection and or other filtering mechanisms via a ma...
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6.0
760
VMScore
CVE-2005-1213
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
Microsoft Outlook Express 6.0
Microsoft Outlook Express 5.5
2 EDB exploits
1000
VMScore
CVE-2004-0380
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote malicious users to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references th...
Microsoft Outlook Express 5.5
Microsoft Outlook Express 6.0
3 EDB exploits
515
VMScore
CVE-2000-0329
A Microsoft ActiveX control allows a remote malicious user to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
Microsoft Ie 4.1
Microsoft Outlook 98
Microsoft Outlook Express 4.27.3110.1
Microsoft Internet Explorer 4.0
Microsoft Ie 4.0.1
Microsoft Ie 5.0
Microsoft Outlook Express 4.72.2106.4
Microsoft Outlook Express 4.72.3120.0
Microsoft Outlook Express 4.72.3612.1700
Microsoft Outlook Express 5.0
Microsoft Ie 4.0
Microsoft Ie 5
Microsoft Outlook 2000
1 EDB exploit
828
VMScore
CVE-2007-3897
Heap-based buffer overflow in Microsoft Outlook Express 6 and previous versions, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
Microsoft Outlook Express 6.0
Microsoft Outlook Express
Microsoft Windows Mail -
632
VMScore
CVE-2008-1448
The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote malicious users to bypass intended access restrictions and r...
Microsoft Outlook Express 5.5
Microsoft Windows Mail
Microsoft Outlook Express 6.0
383
VMScore
CVE-2007-4040
Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote malicious users to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are in...
Microsoft Outlook Express
Microsoft Outlook
445
VMScore
CVE-1999-1164
Microsoft Outlook client allows remote malicious users to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
Microsoft Outlook 2000
Microsoft Outlook 97
Microsoft Outlook 98
Microsoft Outlook Express
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »