outlook software vulnerabilities
vulnerabilities.aspcode.net
Searching outlook software vulnerabilities
Microsoft Outlook Express before 4.72.3612.1700
Microsoft
|
Express
|
Outlook
|
before
|
Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.
Microsoft Outlook client allows remote attacker
attackers
|
Microsoft
|
multiple
|
messages
|
service
|
headers
|
sending
|
Outlook
|
client
|
X-UIDL
|
causes
|
remote
|
denial
|
allows
|
which
|
email
|
cause
|
hang
|
same
|
Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
Outlook Express 5.01 and Internet Explorer 5.01
Express
|
Outlook
|
Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client.
Buffer overflow in Outlook Express 4.x allows a
attachment
|
attackers
|
overflow
|
service
|
message
|
Outlook
|
Express
|
denial
|
allows
|
Buffer
|
cause
|
file
|
long
|
name
|
mail
|
news
|
has
|
via
|
bmp
|
jpg
|
Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name.
Microsoft Outlook and Outlook Express allow rem
Return-Path
|
attackers
|
Microsoft
|
messages
|
Reply-To
|
service
|
sending
|
Express
|
Outlook
|
fields
|
denial
|
remote
|
blank
|
cause
|
email
|
allow
|
such
|
BCC
|
Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From.
Microsoft Outlook Express allows remote attacke
vulnerability
|
Mail-Browser
|
"Persistent
|
persistent
|
attackers
|
Microsoft
|
creating
|
Outlook
|
browser
|
Express
|
windows
|
monitor
|
allows
|
user's
|
remote
|
email
|
Link"
|
link
|
aka
|
Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the "Persistent Mail-Browser Link" vulnerability.
Microsoft Outlook 2000 does not properly proces
Microsoft
|
Outlook
|
Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service.
Buffer overflow in VCard handler in Outlook 200
overflow
|
handler
|
Outlook
|
Buffer
|
VCard
|
Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field.
Buffer overflow in Outlook Express 5.0 through
overflow
|
Express
|
through
|
Outlook
|
Buffer
|
Buffer overflow in Outlook Express 5.0 through 5.02 for Macintosh allows remote attackers to cause a denial of service via an e-mail message that contains a long line.
Outlook Express 6.00 allows remote attackers to
Express
|
Outlook
|
Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script.
Outlook Express 6.0, with "Do not allow attachm
attachments
|
potentially
|
forwarded
|
arbitrary
|
attackers
|
messages
|
execute
|
enabled
|
Express
|
Outlook
|
remote
|
opened
|
virus"
|
allow
|
which
|
could
|
saved
|
block
|
email
|
code
|
does
|
not
|
"Do
|
Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code.
An interaction between Windows Media Player (WM
interaction
|
Windows
|
between
|
Player
|
Media
|
An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media files, whose onload handlers execute the player.LaunchURL() Javascript function.
Buffer overflow in Microsoft Outlook Express 5.
Microsoft
|
attackers
|
overflow
|
Express
|
service
|
Outlook
|
denial
|
allows
|
Buffer
|
remote
|
cause
|
Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long
link.
Microsoft Outlook Express 5.5 and 6 allows atta
attackers
|
Microsoft
|
service
|
Outlook
|
Express
|
denial
|
allows
|
cause
|
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.
Microsoft Internet Explorer 6.0, Outlook 2002,
Microsoft
|
Explorer
|
Internet
|
Outlook
|
Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name.
Microsoft Outlook Express 6.0 allows remote att
restrictions
|
facilitate
|
attackers
|
arbitrary
|
Microsoft
|
intended
|
phishing
|
sources
|
Outlook
|
attacks
|
context
|
content
|
Express
|
bypass
|
allows
|
remote
|
"_top"
|
target
|
access
|
"BASE
|
HREF"
|
load
|
into
|
via
|
set
|
Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".
Microsoft Outlook Web Access (OWA), when used w
Microsoft
|
Outlook
|
Access
|
Web
|
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.
Microsoft Outlook 2003 and Outlook Web Access (
Microsoft
|
Outlook
|
Microsoft Outlook 2003 and Outlook Web Access (OWA) 2003 do not properly display comma separated addresses in the From field in an e-mail message, which could allow remote attackers to spoof e-mail addresses.
Buffer overflow in the Advanced Search (Finder.
Advanced
|
overflow
|
Search
|
Buffer
|
Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability."
Argument injection vulnerability involving Micr
metacharacters
|
cross-browser
|
CVE-2007-3670
|
vulnerability
|
unspecified
|
registered
|
involving
|
attackers
|
scripting
|
arbitrary
|
injection
|
Microsoft
|
handling
|
commands
|
Argument
|
invoking
|
inserted
|
command
|
similar
|
process
|
certain
|
conduct
|
Express
|
attacks
|
Outlook
|
execute
|
allows
|
remote
|
shell
|
issue
|
which
|
URIs
|
into
|
line
|
via
|
URI
|
Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handling process, a similar issue to CVE-2007-3670.
Software vulnerabilities results 1 to 20 of 76
Page:
1
2
3
4
►