Vulnerabilities (CVE)

Vendor filter

Microsoft Subscribe

Product filter

Outlook Express Subscribe

Filter

45 total CVE
CVE Vendors Products Updated CVSS
CVE-2007-3897 1 Microsoft 2 Outlook Express, Windows Mail 2019-10-09 9.3
Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
CVE-2002-0862 4 Kde, Microsoft, Baltimore Technologies and 1 more 17 Windows Nt, Konqueror, Windows 98 and 14 more 2019-04-30 7.5
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook...
CVE-2010-3147 1 Microsoft 7 Windows 2003 Server, Windows Server 2008, Windows 7 and 4 more 2019-02-26 9.3
Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users...
CVE-2010-0816 1 Microsoft 3 Outlook Express, Windows Live Mail, Windows Mail 2019-02-26 9.3
Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista...
CVE-2006-0014 1 Microsoft 1 Outlook Express 2018-10-19 5.1
Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values.
CVE-2006-2386 1 Microsoft 1 Outlook Express 2018-10-18 6.8
Unspecified vulnerability in Microsoft Outlook Express 6 and earlier allows remote attackers to execute arbitrary code via a crafted contact record in a Windows Address Book (WAB) file.
CVE-2006-2111 1 Microsoft 1 Outlook Express 2018-10-18 4.3
A component in Microsoft Outlook Express 6 allows remote attackers to bypass domain restrictions and obtain sensitive information via redirections with the mhtml: URI handler, as originally reported for Internet Explorer 6 and 7, aka "URL...
CVE-2007-2227 1 Microsoft 2 Outlook Express, Windows Mail 2018-10-16 4.3
The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer...
CVE-2007-2225 1 Microsoft 2 Outlook Express, Windows Mail 2018-10-16 4.3
A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet...
CVE-2008-1448 1 Microsoft 2 Outlook Express, Windows Mail 2018-10-12 7.1
The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass...
CVE-2005-1213 1 Microsoft 1 Outlook Express 2018-10-12 7.5
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
CVE-2004-0380 1 Microsoft 1 Outlook Express 2018-10-12 10.0
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help...
CVE-2004-0215 2 Avaya, Microsoft 5 Ip600 Media Servers, Modular Messaging Message Storage Server, S8100 and 2 more 2018-10-12 5.0
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.
CVE-2002-1179 1 Microsoft 1 Outlook Express 2018-10-12 7.5
Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows remote attackers to execute arbitrary code via a digitally signed email with a long "From" address, which triggers the overflow when the user views...
CVE-2002-0152 1 Microsoft 6 Excel, Powerpoint, Outlook Express and 3 more 2018-10-12 7.5
Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet...
CVE-2001-0145 1 Microsoft 2 Outlook Express, Outlook 2018-10-12 7.5
Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field.
CVE-2000-0653 1 Microsoft 1 Outlook Express 2018-10-12 5.0
Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the "Persistent Mail-Browser Link" vulnerability.
CVE-2000-0621 1 Microsoft 2 Outlook Express, Outlook 2018-10-12 7.5
Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, allow remote attackers to read files on the client's system via a malformed HTML message that stores files outside of the cache, aka the "Cache Bypass" vulnerability.
CVE-2000-0567 1 Microsoft 2 Outlook Express, Outlook 2018-10-12 5.0
Buffer overflow in Microsoft Outlook and Outlook Express allows remote attackers to execute arbitrary commands via a long Date field in an email header, aka the "Malformed E-mail Header" vulnerability.
CVE-2000-0329 1 Microsoft 3 Outlook Express, Ie, Outlook 2018-10-12 5.1
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.