CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0285

Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.07

EPSS Ranking 91.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=101362077701164&w=2
http://www.iss.net/security_center/static/8198.php
http://www.securityfocus.com/bid/4092
http://marc.info/?l=bugtraq&m=101362077701164&w=2
http://www.iss.net/security_center/static/8198.php
http://www.securityfocus.com/bid/4092

Products affected by CVE-2002-0285

Microsoft » Outlook Express » Version: 5.5

cpe:2.3:a:microsoft:outlook_express:5.5
Microsoft » Outlook Express » Version: 6.0

cpe:2.3:a:microsoft:outlook_express:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0285

Products

Pricing

Contact Us