Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2004-12-31 |
| Product | Outlook Express | Last view | 2010-05-12 |
| Version | 6.0 | Type | Application |
| Update | sp1 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:microsoft:outlook_express | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.3 | 2010-05-12 | CVE-2010-0816 | Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote e-mail servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) POP3 or (2) IMAP response, as demonstrated by a certain +OK response on TCP port 110, aka "Outlook Express and Windows Mail Integer Overflow Vulnerability." |
| 7.1 | 2008-08-12 | CVE-2008-1448 | The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an mhtml: URI in conjunction with a redirection, aka "URL Parsing Cross-Domain Information Disclosure Vulnerability." |
| 9.3 | 2007-10-09 | CVE-2007-3897 | Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption. |
| 6.8 | 2006-12-12 | CVE-2006-2386 | Unspecified vulnerability in Microsoft Outlook Express 6 and earlier allows remote attackers to execute arbitrary code via a crafted contact record in a Windows Address Book (WAB) file. |
| 5.1 | 2006-04-11 | CVE-2006-0014 | Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values. |
| 5 | 2005-07-12 | CVE-2005-2226 | Microsoft Outlook Express 6.0 leaks the default news server account when a user responds to a "watched" conversation thread, which could allow remote attackers to obtain sensitive information. |
| 7.5 | 2005-06-14 | CVE-2005-1213 | Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field. |
| 5 | 2004-12-31 | CVE-2004-2137 | Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 33% (1) | CWE-189 | Numeric Errors |
| 33% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
SAINT Exploits
| Description | Link |
|---|---|
| Outlook Express NNTP LIST buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 64530 | Microsoft Outlook Express / Windows Mail STAT Response Overflow |
| 47413 | Microsoft IE MHTML Protocol Handler Cross-Domain Information Disclosure |
| 37631 | Microsoft Windows Malformed NNTP Response Remote Memory Corruption |
| 30821 | Microsoft Outlook Express Windows Address Book Contact Record Code Execution |
| 24519 | Microsoft Outlook Express Windows Address Book (.wab) Processing Overflow |
| 18241 | Microsoft Outlook Express begin Keyword Message Handling DoS |
| 17306 | Microsoft Outlook Express NNTP LIST Command Remote Overflow |
| 9167 | Microsoft Outlook Express BCC: Recipient Information Disclosure |
ExploitDB Exploits
| id | Description |
|---|---|
| 12564 | Microsoft Windows Outlook Express and Windows Mail Integer Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-01-14 | Name : Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow... File : nvt/gb_ms07-056.nasl |
| 2010-05-13 | Name : Microsoft Outlook Express and Windows Mail Remote Code Execution Vulnerabilit... File : nvt/secpod_ms10-030.nasl |
| 2008-08-19 | Name : Security Update for Outlook Express (951066) File : nvt/secpod_ms08-048_900031.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2010-B-0039 | Microsoft Outlook Express and Windows Mail Remote Code Executio Vulnerability Severity: Category II - VMSKEY: V0024168 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Windows Address Book file magic detected RuleID : 9639 - Type : FILE-IDENTIFY - Revision : 14 |
| 2014-01-10 | Microsoft Office Outlook Express NNTP response overflow attempt RuleID : 9431 - Type : FILE-OFFICE - Revision : 15 |
| 2014-01-10 | Microsoft Windows Address Book Base64 encoded attachment detected RuleID : 6413 - Type : SERVER-MAIL - Revision : 10 |
| 2014-01-10 | Microsoft Windows Address Book attachment detected RuleID : 6412 - Type : SERVER-MAIL - Revision : 10 |
| 2015-02-24 | Outlook Express WAB file parsing buffer overflow attempt RuleID : 33198 - Type : OS-WINDOWS - Revision : 2 |
| 2014-01-10 | Microsoft Windows Address Book file magic detected RuleID : 23722 - Type : FILE-IDENTIFY - Revision : 6 |
| 2014-01-10 | Outlook Express WAB file parsing buffer overflow attempt RuleID : 18590 - Type : OS-WINDOWS - Revision : 12 |
| 2014-01-10 | Microsoft Windows Mail remote code execution attempt RuleID : 16595 - Type : SERVER-MAIL - Revision : 16 |
| 2014-01-10 | Microsoft Office Outlook Express and Windows Mail NNTP handling buffer overfl... RuleID : 16428 - Type : FILE-OFFICE - Revision : 11 |
| 2014-01-10 | Microsoft Internet Explorer MHTML zone control bypass attempt RuleID : 13962 - Type : BROWSER-IE - Revision : 12 |
| 2014-01-10 | XHDR buffer overflow attempt RuleID : 12636 - Type : PROTOCOL-NNTP - Revision : 6 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2010-05-11 | Name: An integer overflow vulnerability is present on the remote host due to an iss... File: smb_nt_ms10-030.nasl - Type: ACT_GATHER_INFO |
| 2008-08-13 | Name: An information disclosure vulnerability is present on the remote host due to ... File: smb_nt_ms08-048.nasl - Type: ACT_GATHER_INFO |
| 2007-10-09 | Name: Arbitrary code can be executed on the remote host through the email client. File: smb_nt_ms07-056.nasl - Type: ACT_GATHER_INFO |
| 2006-12-12 | Name: Arbitrary code can be executed on the remote host through the email client. File: smb_nt_ms06-076.nasl - Type: ACT_GATHER_INFO |
| 2006-04-11 | Name: Arbitrary code can be executed on the remote host through the email client. File: smb_nt_ms06-016.nasl - Type: ACT_GATHER_INFO |
| 2005-07-12 | Name: A denial of service attack can be launched against the remote Outlook Express... File: smb_kb900930.nasl - Type: ACT_GATHER_INFO |
| 2005-06-14 | Name: Arbitrary code can be executed on the remote host through the email client. File: smb_nt_ms05-030.nasl - Type: ACT_GATHER_INFO |
