CVE-2003-1378

Currently unrated

Key Information:

Vendor: Microsoft
Status: Outlook; Outlook Express
Vendor: CVE Published:; 31 December 2003

Summary

Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077.

References

http://www.securityfocus.com/archive/1/312910

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/11411

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/6923

vdb-entryx_refsource_BID

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 18, 2007
Vulnerability published
Dec 31, 2003

Collectors

NVD DatabaseMitre Database