CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-0002

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.562

EPSS Ranking 97.9%

CVSS Severity

CVSS v2 Score 7.5

References

Products affected by CVE-2006-0002

Microsoft » Exchange Server » Version: 2000

cpe:2.3:a:microsoft:exchange_server:2000
Microsoft » Exchange Server » Version: 5.0

cpe:2.3:a:microsoft:exchange_server:5.0
Microsoft » Exchange Server » Version: 5.5

cpe:2.3:a:microsoft:exchange_server:5.5
Microsoft » Office » Version: 2000

cpe:2.3:a:microsoft:office:2000
Microsoft » Office » Version: 2003

cpe:2.3:a:microsoft:office:2003
Microsoft » Office » Version: xp

cpe:2.3:a:microsoft:office:xp
Microsoft » Outlook » Version: 2000

cpe:2.3:a:microsoft:outlook:2000
Microsoft » Outlook » Version: 2002

cpe:2.3:a:microsoft:outlook:2002
Microsoft » Outlook » Version: 2003

cpe:2.3:a:microsoft:outlook:2003

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-0002

Products

Pricing

Contact Us