VYPR

Hotmail

by Microsoft

CVEs (3)

  • CVE-1999-0750Sep 13, 1999
    risk 0.04cvss epss 0.09

    Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.

  • CVE-2000-0081Jan 10, 2000
    risk 0.02cvss epss 0.19

    Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript.

  • CVE-2000-0085Jan 4, 2000
    risk 0.01cvss epss 0.15

    Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.