CVE-2004-0502
First published: Thu Jun 03 2004(Updated: )
Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Outlook | =2003 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2004-0502?
CVE-2004-0502 has a moderate severity level due to its potential exploitation via predictable file storage locations.
How do I fix CVE-2004-0502?
To fix CVE-2004-0502, apply the latest security updates from Microsoft for Outlook 2003.
What is the impact of CVE-2004-0502?
The impact of CVE-2004-0502 allows remote attackers to exploit file storage vulnerabilities leading to unauthorized access.
Who is affected by CVE-2004-0502?
Users of Microsoft Outlook 2003 are affected by CVE-2004-0502 due to its default file storage locations.
Is CVE-2004-0502 still a threat today?
While CVE-2004-0502 is an older vulnerability, users should ensure they are not using outdated software to minimize risks.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/microsoft outlook
- version/microsoft outlook/2003