CVSS: 7.5EPSS: 30%CPEs: 4EXPL: 2CVE-2002-2164 – Alleged Outlook Express 5/6 Link - Denial of Service
https://notcve.org/view.php?id=CVE-2002-2164
31 Dec 2002 — Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long <A HREF> link. • https://www.exploit-db.com/exploits/21789 •
CVSS: 3.8EPSS: 0%CPEs: 1EXPL: 2CVE-2002-2202
https://notcve.org/view.php?id=CVE-2002-2202
31 Dec 2002 — Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email. • http://www.iss.net/security_center/static/10500.php •
CVSS: 7.5EPSS: 14%CPEs: 3EXPL: 0CVE-2002-1255
https://notcve.org/view.php?id=CVE-2002-1255
18 Dec 2002 — Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via an email message with a certain invalid header field that is accessed using POP3, IMAP, or WebDAV, aka "E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail." Microsoft Outlook 2002 permite a atacantes remotos causar una denegación de servicio (fallo repetido) mediante un mensaje de correo electrónico con cierto campo de cabecera inválido que es accedido usando POP3, IMAP O WebDAV. También conocido c... • http://www.securityfocus.com/bid/6319 •
CVSS: 9.8EPSS: 48%CPEs: 2EXPL: 1CVE-2002-1179 – Microsoft Outlook Express 5.5/6.0 - S/MIME Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1179
28 Oct 2002 — Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message. • https://www.exploit-db.com/exploits/21932 •
CVSS: 6.8EPSS: 20%CPEs: 11EXPL: 1CVE-2002-0862 – Microsoft Internet Explorer 5/6 / Konqueror 2.2.2/3.0 / Weblogic Server 5/6/7 - Invalid X.509 Certificate Chain
https://notcve.org/view.php?id=CVE-2002-0862
10 Sep 2002 — The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explo... • https://www.exploit-db.com/exploits/21692 • CWE-295: Improper Certificate Validation •
CVSS: 7.1EPSS: 6%CPEs: 1EXPL: 0CVE-2002-0481
https://notcve.org/view.php?id=CVE-2002-0481
11 Jun 2002 — An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function. • http://online.securityfocus.com/archive/1/263429 •
CVSS: 7.5EPSS: 16%CPEs: 6EXPL: 0CVE-2002-1056
https://notcve.org/view.php?id=CVE-2002-1056
16 May 2002 — Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. Microsoft Outlook 2000 y 2002, cuando están configurados para usar Microsoft Word como editor de correo, no bloquea secuencias de comandos (scripts) en usjo mientras se editan mensajes en HTML o Formato d... • http://marc.info/?l=bugtraq&m=101760380418890&w=2 •
CVSS: 7.5EPSS: 7%CPEs: 2EXPL: 0CVE-2002-0285
https://notcve.org/view.php?id=CVE-2002-0285
03 May 2002 — Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers. Outlook Express 5.5 y 6.0 en Windows trata un retorno de carro (CR) en una cabecera de mensaje como si fuera una combinación válida retorno de carro/... • http://marc.info/?l=bugtraq&m=101362077701164&w=2 •
CVSS: 8.8EPSS: 22%CPEs: 15EXPL: 0CVE-2002-0152
https://notcve.org/view.php?id=CVE-2002-0152
22 Apr 2002 — Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh. Desbordamiento de buffer en varias aplicaciones de Microsoft para Macintosht permite a atacantes remotos causar una denegac... • http://marc.info/?l=bugtraq&m=101897994314015&w=2 •
CVSS: 9.8EPSS: 24%CPEs: 1EXPL: 0CVE-2001-1547
https://notcve.org/view.php?id=CVE-2001-1547
31 Dec 2001 — Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code. • http://www.iss.net/security_center/static/7670.php •