Outlook Express
by Microsoft
CVEs (47)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-1999-1164 | 0.01 | — | 0.13 | Jun 25, 1999 | Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang. | |||
| CVE-1999-0967 | 0.01 | — | 0.07 | Nov 1, 1997 | Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol. | |||
| CVE-2003-0300 | 0.00 | — | 0.03 | Jun 16, 2003 | The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||
| CVE-2003-0301 | 0.00 | — | 0.06 | Jun 16, 2003 | The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. | |||
| CVE-2002-2202 | 0.00 | — | 0.01 | Dec 31, 2002 | Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email. | |||
| CVE-2000-0415 | 0.00 | — | 0.06 | May 12, 2000 | Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name. | |||
| CVE-2000-0036 | 0.00 | — | 0.04 | Dec 22, 1999 | Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability. |
- CVE-1999-1164Jun 25, 1999risk 0.01cvss —epss 0.13
Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
- CVE-1999-0967Nov 1, 1997risk 0.01cvss —epss 0.07
Buffer overflow in the HTML library used by Internet Explorer, Outlook Express, and Windows Explorer via the res: local resource protocol.
- CVE-2003-0300Jun 16, 2003risk 0.00cvss —epss 0.03
The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
- CVE-2003-0301Jun 16, 2003risk 0.00cvss —epss 0.06
The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors.
- CVE-2002-2202Dec 31, 2002risk 0.00cvss —epss 0.01
Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email.
- CVE-2000-0415May 12, 2000risk 0.00cvss —epss 0.06
Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name.
- CVE-2000-0036Dec 22, 1999risk 0.00cvss —epss 0.04
Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability.
Page 3 of 3