Microsoft: >> Outlook >> 98 Security Vulnerabilities
Buffer overflow in Microsoft Outlook and Outlook Express allows remote attackers to execute arbitrary commands via a long Date field in an email header, aka the "Malformed E-mail Header" vulnerability.
CVSS Score
5.0
EPSS Score
0.199
Published
2000-07-18
Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name.
CVSS Score
5.0
EPSS Score
0.117
Published
2000-05-12
Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list.
CVSS Score
5.0
EPSS Score
0.13
Published
2000-02-29
The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft.
CVSS Score
7.6
EPSS Score
0.103
Published
2000-02-21
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
CVSS Score
5.1
EPSS Score
0.08
Published
1999-11-11
Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
CVSS Score
5.0
EPSS Score
0.069
Published
1999-06-25
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.
CVSS Score
4.6
EPSS Score
0.003
Published
1999-01-01
Page 2