Buffer Overflow Vulnerability in Microsoft Outlook Express by Microsoft
CVE-2006-0014

Currently unrated

Key Information:

Vendor: Microsoft
Status: Outlook Express
Vendor: CVE Published:; 12 April 2006

Summary

Microsoft Outlook Express 5.5 and 6 are vulnerable to a buffer overflow issue, where attackers can exploit a crafted Windows Address Book (WAB) file. This exploit involves using specific Unicode strings and altered length values, potentially allowing unauthorized execution of arbitrary code remotely. Proper precautions should be taken to avoid opening untrusted WAB files.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://securitytracker.com/id?1015898

vdb-entryx_refsource_SECTRACK

EPSS Score

41% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 12, 2006
Vulnerability Reserved
Nov 9, 2005