CVE-2004-0501
Microsoft Outlook 2003 - Mail Client E-mail Address Verification
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
Outlook 2003 allows remote attackers to bypass intended access restrictions and cause Outlook to request a URL from a remote site via an HTML e-mail message containing a Vector Markup Language (VML) entity whose src parameter points to the remote site, which could allow remote attackers to know when a message has been read, verify valid e-mail addresses, and possibly leak other information.
Outlook 2003 permite a atacantes remotos saltarse las restricciones de acceso pretendidas y hacer que Outlokk pida una URL de un sitio remoto mediante un mensaje de correo electrónico HTML conteniendo una entidad VML (Vector Markup Language) cuyo parámetro src apunta al sitio remoto, lo que podría permitir a atacantes remotos saber cuando un mensaje ha sido leído, verificar direcciones de correo electrónico válidas, y posiblemente filtrar otra información.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2004-05-11 First Exploit
- 2004-05-27 CVE Reserved
- 2004-06-03 CVE Published
- 2024-08-08 CVE Updated
- 2024-11-12 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
http://marc.info/?l=bugtraq&m=108430168919965&w=2 | Mailing List | |
http://marc.info/?l=bugtraq&m=108637351805607&w=2 | Mailing List | |
http://marc.info/?l=ntbugtraq&m=108644231209698&w=2 | Mailing List | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/16116 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/24114 | 2004-05-11 | |
http://www.securityfocus.com/bid/10323 | 2024-08-08 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|