Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-0502 | First vendor Publication | 2004-08-18 |
Vendor | Cve | Last vendor Modification | 2017-07-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0502 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
5998 | Microsoft Outlook Predictable File Caching Outlook 2003 contains a flaw that may allow a malicious user to place potentially malicious content on a predictable location on the target's computer. The issue is triggered when malicious content is included in an <img> tag. This allows a cross-domain violation. Code on a remote web page can then open files on a local computer and execute arbitrary code with user-level security resulting in a loss of confidentiality, integrity, and/or availability. |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:02:20 |
|
2021-04-22 01:02:29 |
|
2020-05-23 00:15:48 |
|
2017-07-11 12:01:27 |
|
2016-10-18 12:01:20 |
|
2016-04-26 12:50:30 |
|
2013-05-11 11:41:56 |
|