Microsoft: >> Outlook Express Security Vulnerabilities
A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Active Setup Control" vulnerability.
CVSS Score
5.1
EPSS Score
0.08
Published
1999-11-11
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
CVSS Score
5.0
EPSS Score
0.087
Published
1999-08-27
Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
CVSS Score
5.0
EPSS Score
0.069
Published
1999-06-25
Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.
CVSS Score
5.0
EPSS Score
0.088
Published
1999-05-11
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
CVSS Score
10.0
EPSS Score
0.179
Published
1997-11-01
Page 5