What is the severity of CVE-2004-0121?

CVE-2004-0121 is considered a critical vulnerability that can lead to remote code execution.

How do I fix CVE-2004-0121?

To fix CVE-2004-0121, apply the security updates provided by Microsoft for Outlook 2002 and Office XP.

Who is affected by CVE-2004-0121?

CVE-2004-0121 affects users of Microsoft Outlook 2002 and Microsoft Office XP, particularly the versions specified.

What types of attacks can result from CVE-2004-0121?

CVE-2004-0121 allows attackers to execute arbitrary programs by injecting script code through mailto: URLs.

Is there a workaround for CVE-2004-0121?

A temporary workaround for CVE-2004-0121 is to avoid using mailto: links with untrusted sources.

Vulnerability/
CVE-2004-0121

high

7.5

CWE

NVD-CWE-Other 88

15/4/2004

1/9/2004

8/8/2024

CVE-2004-0121

First published: Thu Apr 15 2004(Updated: )

Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Microsoft Outlook	=2002-sp2
Microsoft Office	=xp-sp2
Microsoft Outlook	=2002-sp1
Microsoft Outlook	=2002
Microsoft Office	=xp
Microsoft Office	=xp-sp1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0121?
CVE-2004-0121 is considered a critical vulnerability that can lead to remote code execution.
How do I fix CVE-2004-0121?
To fix CVE-2004-0121, apply the security updates provided by Microsoft for Outlook 2002 and Office XP.
Who is affected by CVE-2004-0121?
CVE-2004-0121 affects users of Microsoft Outlook 2002 and Microsoft Office XP, particularly the versions specified.
What types of attacks can result from CVE-2004-0121?
CVE-2004-0121 allows attackers to execute arbitrary programs by injecting script code through mailto: URLs.
Is there a workaround for CVE-2004-0121?
A temporary workaround for CVE-2004-0121 is to avoid using mailto: links with untrusted sources.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/softwarecombine
agent/first-publish-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/author
agent/remedy
agent/weakness
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/event
agent/source
vendor/microsoft
canonical/microsoft outlook
version/microsoft outlook/2002-sp2
canonical/microsoft office
version/microsoft office/xp-sp2
version/microsoft outlook/2002-sp1
version/microsoft outlook/2002
version/microsoft office/xp
version/microsoft office/xp-sp1

Frequently Asked Questions

What is the severity of CVE-2004-0121?
CVE-2004-0121 is considered a critical vulnerability that can lead to remote code execution.
How do I fix CVE-2004-0121?
To fix CVE-2004-0121, apply the security updates provided by Microsoft for Outlook 2002 and Office XP.
Who is affected by CVE-2004-0121?
CVE-2004-0121 affects users of Microsoft Outlook 2002 and Microsoft Office XP, particularly the versions specified.
What types of attacks can result from CVE-2004-0121?
CVE-2004-0121 allows attackers to execute arbitrary programs by injecting script code through mailto: URLs.
Is there a workaround for CVE-2004-0121?
A temporary workaround for CVE-2004-0121 is to avoid using mailto: links with untrusted sources.

CVE-2004-0121

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-0121?

How do I fix CVE-2004-0121?

Who is affected by CVE-2004-0121?

What types of attacks can result from CVE-2004-0121?

Is there a workaround for CVE-2004-0121?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2004-0121?

How do I fix CVE-2004-0121?

Who is affected by CVE-2004-0121?

What types of attacks can result from CVE-2004-0121?

Is there a workaround for CVE-2004-0121?