Integer Overflow Vulnerability in Microsoft Outlook Express and Windows Mail
CVE-2010-0816

Currently unrated

Key Information:

Vendor: Microsoft
Status: Outlook Express
Vendor: CVE Published:; 12 May 2010

Summary

An integer overflow in inetcomm.dll affects various versions of Microsoft Outlook Express and Windows Mail. This vulnerability allows remote email servers and man-in-the-middle attackers to execute arbitrary code through crafted POP3 or IMAP responses. Attackers can exploit the vulnerability by sending specific commands that manipulate how email responses are processed, potentially compromising the affected systems when users interact with their email clients.

References

http://www.protekresearchlab.com/index.php?option=com_con...

x_refsource_MISC

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/cas/techalerts/TA10-131A.html

third-party-advisoryx_refsource_CERT

EPSS Score

55% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 12, 2010
Vulnerability Reserved
Mar 2, 2010