CVSS: 9.8EPSS: 46%CPEs: 2EXPL: 2CVE-2004-0121 – Microsoft Outlook 2002 - 'Mailto' Quoting Zone Bypass
https://notcve.org/view.php?id=CVE-2004-0121
15 Apr 2004 — Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs. Micrososft Outlook 2002 no filtra suficientemente los parámetros de URLs mailto:, cuando se usan como argumentos al llamar a OUTLOOK.EXE, lo que permite a atacantes remotos usar código script en la zona de seguridad "Máquina Local" y e... • https://www.exploit-db.com/exploits/23796 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.5EPSS: 11%CPEs: 6EXPL: 0CVE-2004-0284
https://notcve.org/view.php?id=CVE-2004-0284
18 Mar 2004 — Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name. Microsoft Internet Explorer 6.0, Outlook 2002, y Outlook 2003 permiten a atacantes remotos causar una denegación de servicio (consumición de CPU) si está desactivado "No guardar las páginas cifradas en el disco), mediante un sitio w... • http://marc.info/?l=bugtraq&m=107643134712133&w=2 •
CVSS: 7.5EPSS: 4%CPEs: 3EXPL: 0CVE-2003-0007
https://notcve.org/view.php?id=CVE-2003-0007
07 Feb 2003 — Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure." Microsoft Outllok no maneja adecuadamente las peticiones para cifrar mensajes con un certificados de Seguridad de Exchange Server V1, lo que hace que Outlook envíe el mensaje en texto plano, también conocida com... • http://www.securityfocus.com/bid/6667 •
CVSS: 5.0EPSS: 8%CPEs: 2EXPL: 0CVE-2002-2100
https://notcve.org/view.php?id=CVE-2002-2100
31 Dec 2002 — Microsoft Outlook 2002 allows remote attackers to embed bypass the file download restrictions for attachments via an HTML email message that uses an IFRAME to reference malicious content. • http://archives.neohapsis.com/archives/bugtraq/2002-03/0267.html •
CVSS: 7.5EPSS: 16%CPEs: 1EXPL: 0CVE-2002-2101
https://notcve.org/view.php?id=CVE-2002-2101
31 Dec 2002 — Microsoft Outlook 2002 allows remote attackers to execute arbitrary JavaScript code, even when scripting is disabled, via an "about:" or "javascript:" URI in the href attribute of an "a" tag. • http://archives.neohapsis.com/archives/bugtraq/2002-03/0267.html •
CVSS: 7.5EPSS: 14%CPEs: 3EXPL: 0CVE-2002-1255
https://notcve.org/view.php?id=CVE-2002-1255
18 Dec 2002 — Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via an email message with a certain invalid header field that is accessed using POP3, IMAP, or WebDAV, aka "E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail." Microsoft Outlook 2002 permite a atacantes remotos causar una denegación de servicio (fallo repetido) mediante un mensaje de correo electrónico con cierto campo de cabecera inválido que es accedido usando POP3, IMAP O WebDAV. También conocido c... • http://www.securityfocus.com/bid/6319 •
CVSS: 7.1EPSS: 6%CPEs: 1EXPL: 0CVE-2002-0481
https://notcve.org/view.php?id=CVE-2002-0481
11 Jun 2002 — An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function. • http://online.securityfocus.com/archive/1/263429 •
CVSS: 7.5EPSS: 16%CPEs: 6EXPL: 0CVE-2002-1056
https://notcve.org/view.php?id=CVE-2002-1056
16 May 2002 — Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary scripts via an email that the user forwards or replies to. Microsoft Outlook 2000 y 2002, cuando están configurados para usar Microsoft Word como editor de correo, no bloquea secuencias de comandos (scripts) en usjo mientras se editan mensajes en HTML o Formato d... • http://marc.info/?l=bugtraq&m=101760380418890&w=2 •
CVSS: 10.0EPSS: 68%CPEs: 1EXPL: 2CVE-2001-0538 – Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2001-0538
14 Aug 2001 — Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page. • https://www.exploit-db.com/exploits/21004 •