5
CVE-2004-2137
- EPSS 26.14%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:09:04
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Outlook Express Version6.0
Microsoft ≫ Outlook Express Version6.0 Updatesp1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 26.14% | 0.977 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://secunia.com/advisories/12376
http://securitytracker.com/id?1011067
http://support.microsoft.com/kb/843555
http://www.networksecurity.fi/advisories/outlook-bcc.html
http://www.osvdb.org/9167
http://www.securityfocus.com/bid/11040
https://exchange.xforce.ibmcloud.com/vulnerabilities/17098