Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2010-0816

Published: 12/05/2010 Updated: 07/12/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 935
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Outlook Express

Vulnerability Summary

Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote e-mail servers and man-in-the-middle malicious users to execute arbitrary code via a crafted (1) POP3 or (2) IMAP response, as demonstrated by a certain +OK response on TCP port 110, aka "Outlook Express and Windows Mail Integer Overflow Vulnerability."

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft outlook_express 5.5

microsoft outlook_express 6.0

microsoft windows_live_mail

microsoft windows_mail

Exploits

Exploit DB: Microsoft Windows Outlook Express and Windows Mail - Integer Overflow
Application: Microsoft Outlook Express Microsoft Windows Mail Platforms: Windows 2000 Windows XP Windows Vista Windows server 2003 Windows Server 2008 SR2 Exploitation: Remote Exploitable CVE Number: CVE-2010-0816 Discover Date: 2009-09-11 Author: Francis Provencher (Protek Research Lab's) Website: wwwprotekresearchla ...
Exploit DB: Microsoft Windows Outlook Express And Windows Mail Integer Overflow
Microsoft Windows Outlook Express and Windows Mail suffer from an integer overflow vulnerability ...

References

CWE-189http://archives.neohapsis.com/archives/bugtraq/2010-05/0068.htmlhttp://www.protekresearchlab.com/index.php?option=com_content&view=article&id=13&Itemid=13http://www.securityfocus.com/bid/40052http://www.us-cert.gov/cas/techalerts/TA10-131A.htmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6734https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-030https://nvd.nist.govhttps://www.exploit-db.com/exploits/12564/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXECVE-2024-34490SQL injectionCVE-2024-34488CVE-2024-4507CVE-2023-7028CVE-2024-23187TCPCVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook