oval:org.mitre.oval:def:843

Definition Id: oval:org.mitre.oval:def:843

Oval ID:	oval:org.mitre.oval:def:843
Title:	MS Outlook Argument Injection Local Vulnerability
Description:	Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2004-0121	Version:	6
Platform(s):	Microsoft Windows 95	Product(s):	Microsoft Outlook
Definition Synopsis:
Outlook 2002 is installed AND the version of outlook.exe is less than 10.00.5709.0000 AND NOT the patch kb828040 is installed AND NOT Microsoft Office XP Service Pack 3 is installed