CVE-2005-1213 – Microsoft Outlook Express - NNTP Buffer Overflow (MS05-030)
https://notcve.org/view.php?id=CVE-2005-1213
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field. • https://www.exploit-db.com/exploits/1066 https://www.exploit-db.com/exploits/16379 http://securitytracker.com/id?1014200 http://www.idefense.com/application/poi/display?id=263&type=vulnerabilities http://www.kb.cert.org/vuls/id/130614 http://www.securityfocus.com/bid/13951 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1088 https://oval.cisecurity.org/repository/sea •
CVE-2004-0526 – Microsoft Internet Explorer 4/5/6 - Embedded Image URI Obfuscation
https://notcve.org/view.php?id=CVE-2004-0526
Unknown versions of Internet Explorer and Outlook allow remote attackers to spoof a legitimate URL in the status bar via A HREF tags with modified "alt" values that point to the legitimate site, combined with an image map whose href points to the malicious site, which facilitates a "phishing" attack. Versiones desconocidas de Internet Explorer y Outlook permiten a atacantes remotos suplantar URL legítimas en la barra de estado mediante etiquetas A HREF con valores "alt" modificados que apuntan al sitio legítimo, combinado con un mapa de imagen cuyo HREF apunta al sitio malicioso, lo que facilita ataques de suplantación para robo de datos (phising). • https://www.exploit-db.com/exploits/24102 http://archives.neohapsis.com/archives/bugtraq/2004-05/0161.html http://marc.info/?l=bugtraq&m=108422905510713&w=2 http://www.kurczaba.com/securityadvisories/0405132poc.htm http://www.securityfocus.com/bid/10308 https://exchange.xforce.ibmcloud.com/vulnerabilities/16102 •
CVE-2004-0380 – Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)
https://notcve.org/view.php?id=CVE-2004-0380
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." El Manejador del protocolo MHTML en Microsoft Outlook Express 5.5 SP2 a Outlook Express 6 SP1 permite a atacantes remotos eludir restricciones de dominio y ejecutar código arbitrario, como se ha demostrado en Internet Explorer usando código script en un archivo de ayuda compilada (CHM) te hace referencia a manejadores de protocolo InfoTech Storage (ITS) como ms-its its mk:@MSITStore también llamada "Vulnerabilidad en Procesamiento de URL MHTML". • https://www.exploit-db.com/exploits/23695 https://www.exploit-db.com/exploits/23400 https://www.exploit-db.com/exploits/23401 http://secunia.com/advisories/10523 http://www.k-otik.net/bugtraq/02.18.InternetExplorer.php http://www.kb.cert.org/vuls/id/323070 http://www.securityfocus.com/archive/1/354447 http://www.securityfocus.com/archive/1/358913 http://www.securityfocus.com/bid/9105 http://www.securityfocus.com/bid/9658 http://www.us-cert.gov/cas/techalert •
CVE-2002-2164 – Alleged Outlook Express 5/6 Link - Denial of Service
https://notcve.org/view.php?id=CVE-2002-2164
Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long <A HREF> link. • https://www.exploit-db.com/exploits/21789 http://archives.neohapsis.com/archives/bugtraq/2002-09/0082.html http://online.securityfocus.com/archive/1/291058 http://www.iss.net/security_center/static/10067.php http://www.securityfocus.com/bid/5682 •
CVE-2002-1179 – Microsoft Outlook Express 5.5/6.0 - S/MIME Buffer Overflow
https://notcve.org/view.php?id=CVE-2002-1179
Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views or previews the message. • https://www.exploit-db.com/exploits/21932 http://marc.info/?l=bugtraq&m=103435413105661&w=2 http://marc.info/?l=ntbugtraq&m=103429637822920&w=2 http://marc.info/?l=ntbugtraq&m=103429681123297&w=2 http://www.iss.net/security_center/static/10338.php http://www.securityfocus.com/bid/5944 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-058 •