Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:46
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/archive/1/312910 - Exploit | |
References | () http://www.securityfocus.com/archive/1/312929 - | |
References | () http://www.securityfocus.com/bid/6923 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/11411 - |
Information
Published : 2003-12-31 05:00
Updated : 2024-11-20 23:46
NVD link : CVE-2003-1378
Mitre link : CVE-2003-1378
CVE.ORG link : CVE-2003-1378
JSON object : View
Products Affected
microsoft
- outlook
- outlook_express
CWE
CWE-264
Permissions, Privileges, and Access Controls