CVE-2003-1378
First published: Wed Dec 31 2003(Updated: )
Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Outlook | =2000-sr1 | |
| Microsoft Outlook | =2000 | |
| Microsoft Outlook Express | =6.0 | |
| Microsoft Outlook | =2000-sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft outlook
- version/microsoft outlook/2000-sr1
- version/microsoft outlook/2000
- canonical/microsoft outlook express
- version/microsoft outlook express/6.0
- version/microsoft outlook/2000-sp2