4.3

CVE-2006-1305

Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftOffice Version2000 Updatesp3
MicrosoftOutlook Version2000
MicrosoftOffice Versionxp Updatesp3
MicrosoftOutlook Version2002
MicrosoftOffice Version2003 Updatesp2
MicrosoftOutlook Version2003
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 30.81% 0.98
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://blogs.securiteam.com/index.php/archives/347
http://linuxbox.org/pipermail/funsec/2006-March/005208.html
http://osvdb.org/ref/24/24081-outlook1.txt
http://secunia.com/advisories/23674
Patch
Vendor Advisory
http://securitytracker.com/id?1017488
Patch
http://www.kb.cert.org/vuls/id/617436
US Government Resource
http://www.osvdb.org/31253
http://www.securityfocus.com/archive/1/457274/100/0/threaded
http://www.securityfocus.com/bid/21937
Patch
http://www.us-cert.gov/cas/techalerts/TA07-009A.html
US Government Resource
http://www.vupen.com/english/advisories/2007/0104
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-003
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A122