Page 5 of 32 results (0.005 seconds)

CVSS: 10.0EPSS: 5%CPEs: 1EXPL: 2

Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page. • https://www.exploit-db.com/exploits/21004 https://www.exploit-db.com/exploits/21003 http://marc.info/?l=bugtraq&m=99496431214078&w=2 http://www.ciac.org/ciac/bulletins/l-113.shtml http://www.kb.cert.org/vuls/id/131569 http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0107&L=ntbugtraq&F=P&S=&P=862 http://www.securityfocus.com/bid/3025 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-038 https://exchange.xforce.ibmcloud.co •

CVSS: 7.5EPSS: 3%CPEs: 11EXPL: 3

Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user. • https://www.exploit-db.com/exploits/20899 http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3Bq234241 http://www.securityfocus.com/archive/1/188752 http://www.securityfocus.com/bid/2823 https://exchange.xforce.ibmcloud.com/vulnerabilities/6655 •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field. • http://www.atstake.com/research/advisories/2001/a022301-1.txt https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-012 •

CVSS: 5.0EPSS: 5%CPEs: 3EXPL: 2

MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object. • https://www.exploit-db.com/exploits/20552 http://marc.info/?l=bugtraq&m=97958685100219&w=2 http://www.securityfocus.com/bid/2202 https://exchange.xforce.ibmcloud.com/vulnerabilities/5938 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files. • http://www.securityfocus.com/archive/1/201422 http://www.securityfocus.com/archive/1/78240 http://www.securityfocus.com/bid/1631 https://exchange.xforce.ibmcloud.com/vulnerabilities/5508 •