CVSS: 8.8EPSS: 56%CPEs: 16EXPL: 0CVE-2006-0002
https://notcve.org/view.php?id=CVE-2006-0002
10 Jan 2006 — Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. • http://secunia.com/advisories/18368 •
CVSS: 9.8EPSS: 37%CPEs: 25EXPL: 0CVE-2005-0044
https://notcve.org/view.php?id=CVE-2005-0044
08 Feb 2005 — The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." • http://www.kb.cert.org/vuls/id/927889 •
CVSS: 5.0EPSS: 19%CPEs: 5EXPL: 2CVE-2002-1790 – Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address (MS99-027)
https://notcve.org/view.php?id=CVE-2002-1790
31 Dec 2002 — The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682. • https://www.exploit-db.com/exploits/21613 •
CVSS: 7.1EPSS: 1%CPEs: 9EXPL: 0CVE-2002-0507
https://notcve.org/view.php?id=CVE-2002-0507
11 Jun 2002 — An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA. Una interacción entre Microsoft Outlook Web Access (OWA) con RSA SecurID permite a usuarios locales evitar la autenticación SecurID para un usuario anterior mediante varios envios de una petición de autenticación OW... • http://online.securityfocus.com/archive/1/264705 • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 19%CPEs: 1EXPL: 0CVE-2001-0660
https://notcve.org/view.php?id=CVE-2001-0660
30 Oct 2001 — Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and earlier, allows remote attackers to identify valid user email addresses by directly accessing a back-end function that processes the global address list (GAL). • http://support.microsoft.com/support/kb/articles/Q307/1/95.ASP •
CVSS: 7.5EPSS: 13%CPEs: 9EXPL: 0CVE-2001-0509
https://notcve.org/view.php?id=CVE-2001-0509
29 Aug 2001 — Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-041 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 21%CPEs: 2EXPL: 0CVE-1999-0945
https://notcve.org/view.php?id=CVE-1999-0945
12 Mar 2001 — Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands. • http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ169174 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 12%CPEs: 2EXPL: 0CVE-2001-0146
https://notcve.org/view.php?id=CVE-2001-0146
09 Mar 2001 — IIS 5.0 and Microsoft Exchange 2000 allow remote attackers to cause a denial of service (memory allocation error) by repeatedly sending a series of specially formatted URL's. • http://www.kb.cert.org/vuls/id/796584 •
CVSS: 7.5EPSS: 15%CPEs: 3EXPL: 0CVE-2000-0524
https://notcve.org/view.php?id=CVE-2000-0524
05 Jun 2000 — Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0045.html •
CVSS: 7.5EPSS: 6%CPEs: 2EXPL: 0CVE-1999-1043
https://notcve.org/view.php?id=CVE-1999-1043
31 Dec 1999 — Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-007 •