5.1

CVE-2006-0014

Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftOutlook Express Version5.5
MicrosoftOutlook Express Version5.5 Updatesp1
MicrosoftOutlook Express Version5.5 Updatesp2
MicrosoftOutlook Express Version6.0
MicrosoftOutlook Express Version6.0 Updatesp1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 23.88% 0.975
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045003.html
http://secunia.com/advisories/19617
Patch
Vendor Advisory
http://securityreason.com/securityalert/691
http://securitytracker.com/id?1015898
http://www.securityfocus.com/archive/1/430645/100/0/threaded
http://www.securityfocus.com/bid/17459
http://www.vupen.com/english/advisories/2006/1321
http://www.zerodayinitiative.com/advisories/ZDI-06-007.html
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-016
https://exchange.xforce.ibmcloud.com/vulnerabilities/25535
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1611
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1682
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1769
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1771
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1780
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1791
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A812