Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft outlook express vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-2137
Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote malicious users to obtain sensitive informat...
Microsoft Outlook Express 6.0
5
CVSSv2
CVE-2005-2226
Microsoft Outlook Express 6.0 leaks the default news server account when a user responds to a "watched" conversation thread, which could allow remote malicious users to obtain sensitive information.
Microsoft Outlook Express 6.0
7.5
CVSSv2
CVE-2001-0999
Outlook Express 6.00 allows remote malicious users to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script.
Microsoft Outlook Express 6.0
4.3
CVSSv2
CVE-2006-2111
A component in Microsoft Outlook Express 6 allows remote malicious users to bypass domain restrictions and obtain sensitive information via redirections with the mhtml: URI handler, as originally reported for Internet Explorer 6 and 7, aka "URL Redirect Cross Domain Informat...
Microsoft Outlook Express 6.0
1 EDB exploit
4.3
CVSSv2
CVE-2008-5424
The MimeOleClearDirtyTree function in InetComm.dll in Microsoft Outlook Express 6.00.2900.5512 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which all...
Microsoft Outlook Express 6.00.2900.5512
5.8
CVSSv2
CVE-2004-2694
Microsoft Outlook Express 6.0 allows remote malicious users to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".
Microsoft Outlook Express 6.0
4.3
CVSSv2
CVE-2005-4840
The Outlook Express Address Book control, when using Internet Explorer 6, allows remote malicious users to cause a denial of service (NULL dereference and browser crash) by creating the OutlookExpress.AddressBook COM object, which is not intended for use within Internet Explorer.
Microsoft Outlook Express Book Control
5
CVSSv2
CVE-2000-0036
Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability.
Microsoft Outlook Express 5.0
Microsoft Ie 4.5
4.3
CVSSv2
CVE-2007-2225
A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote malicious users to obtain sensitive information from other Internet Explorer domains, aka "URL ...
Microsoft Outlook Express 6.0
Microsoft Windows Mail
4.3
CVSSv2
CVE-2007-2227
The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote malicious users to obtain sensitive information from other Internet Explorer domains, aka "...
Microsoft Outlook Express 6.0
Microsoft Windows Mail
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »