Total
45 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0285 | 1 Microsoft | 1 Outlook Express | 2023-12-10 | 7.5 HIGH | N/A |
| Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers. | |||||
| CVE-2003-0301 | 1 Microsoft | 1 Outlook Express | 2023-12-10 | 5.0 MEDIUM | N/A |
| The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||||
| CVE-1999-1016 | 2 Microsoft, Qualcomm | 4 Frontpage, Internet Explorer, Outlook Express and 1 more | 2023-12-10 | 5.0 MEDIUM | N/A |
| Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. | |||||
| CVE-2003-1378 | 1 Microsoft | 2 Outlook, Outlook Express | 2023-12-10 | 8.8 HIGH | N/A |
| Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077. | |||||
| CVE-2000-0415 | 1 Microsoft | 2 Outlook, Outlook Express | 2023-12-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name. | |||||