Email Address Spoofing Vulnerability in Microsoft Outlook and OWA
CVE-2005-1052

Currently unrated

Key Information:

Vendor: Microsoft
Status: Outlook Web Access; Outlook
Vendor: CVE Published:; 2 May 2005

What is CVE-2005-1052?

The vulnerability in Microsoft Outlook 2003 and Outlook Web Access (OWA) 2003 arises from improper handling of comma-separated addresses in the From field of e-mail messages. This flaw can be exploited by remote attackers to impersonate legitimate email senders, thereby compromising the integrity of email communications. Users of the affected products are at risk of receiving emails that appear to be from trusted sources, potentially leading to phishing attacks and other malicious activities.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/20026

vdb-entryx_refsource_XF

http://www.idefense.com/application/poi/display?id=227&ty...

third-party-advisoryx_refsource_IDEFENSE

EPSS Score

7% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Apr 12, 2005