5

CVE-2004-2137

Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftOutlook Express Version6.0
MicrosoftOutlook Express Version6.0 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 26.14% 0.977
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/12376
Patch
Vendor Advisory
http://securitytracker.com/id?1011067
Patch
http://support.microsoft.com/kb/843555
Patch
Vendor Advisory
http://www.networksecurity.fi/advisories/outlook-bcc.html
Patch
Vendor Advisory
http://www.osvdb.org/9167
http://www.securityfocus.com/bid/11040
https://exchange.xforce.ibmcloud.com/vulnerabilities/17098