Information Disclosure Vulnerability in Microsoft Outlook Express 6.0
CVE-2005-2226

Currently unrated

Key Information:

Vendor: Microsoft
Status: Outlook Express
Vendor: CVE Published:; 12 July 2005

Summary

Microsoft Outlook Express 6.0 contains a vulnerability that causes it to inadvertently reveal the default news server account details when a user interacts with a 'watched' conversation thread. This exposure of account information may be exploited by remote attackers to acquire sensitive data from affected users, raising significant security concerns for the confidentiality of user communications.

References

http://www.securityfocus.com/bid/14225

vdb-entryx_refsource_BID

http://support.microsoft.com/default.aspx/kb/900930

vendor-advisoryx_refsource_MSKB

EPSS Score

35% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 12, 2005