Microsoft: >> Outlook Express >> 6.00.2800.1106 Security Vulnerabilities
Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspecified URI, which are inserted into the command line when invoking the handling process, a similar issue to CVE-2007-3670.
CVSS Score
8.8
EPSS Score
0.18
Published
2007-07-27
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
CVSS Score
5.0
EPSS Score
0.008
Published
2003-06-16
The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
CVSS Score
5.0
EPSS Score
0.043
Published
2003-06-16
Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
CVSS Score
5.0
EPSS Score
0.069
Published
1999-06-25
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
CVSS Score
10.0
EPSS Score
0.179
Published
1997-11-01