Access Bypass in Microsoft Outlook Express 6.0 by Microsoft
CVE-2004-2694

Currently unrated

Key Information:

Vendor

Microsoft
Status
Outlook Express
Vendor
CVE Published:
31 December 2004

What is CVE-2004-2694?

Microsoft Outlook Express 6.0 contains a vulnerability that allows remote attackers to circumvent established access controls. By manipulating the 'BASE HREF' attribute with a target set to '_top', an attacker can load unauthorized content into the Outlook interface, which can aid in executing phishing schemes. This alteration compromises user security and exposes sensitive information, making it crucial for users to be aware of such threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=bugtraq&m=108448627120764&w=2
mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/11607
third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/6121
vdb-entryx_refsource_OSVDB

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.