Microsoft

Outlook

120 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2002-1255

  • EPSS 14.02%
  • Veröffentlicht 18.12.2002 05:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via an email message with a certain invalid header field that is accessed using POP3, IMAP, or WebDAV, aka "E-mail Header Processing Flaw Could Cause Outlo...

5.1

CVE-2002-0481

  • EPSS 6.39%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

An interaction between Windows Media Player (WMP) and Outlook 2002 allows remote attackers to bypass Outlook security settings and execute Javascript via an IFRAME in an HTML email message that references .WMS (Windows Media Skin) or other WMP media ...

7.5

CVE-2002-1056

  • EPSS 16.38%
  • Veröffentlicht 16.05.2002 04:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that are used while editing email messages in HTML or Rich Text Format (RTF), which could allow remote attackers to execute arbitrary s...

10

CVE-2001-0538

  • EPSS 63.06%
  • Veröffentlicht 14.08.2001 04:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page.

7.5

CVE-2001-1088

Exploit
  • EPSS 47.82%
  • Veröffentlicht 05.06.2001 04:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which cou...

5

CVE-2001-0322

Exploit
  • EPSS 12.5%
  • Veröffentlicht 02.06.2001 04:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object.

7.5

CVE-2001-0145

  • EPSS 11.76%
  • Veröffentlicht 03.05.2001 04:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field.

5

CVE-2000-0753

  • EPSS 18.5%
  • Veröffentlicht 20.10.2000 04:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files.

5

CVE-2000-0756

  • EPSS 11.68%
  • Veröffentlicht 20.10.2000 04:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service.

7.5

CVE-2000-0621

  • EPSS 5.91%
  • Veröffentlicht 20.07.2000 04:00:00
  • Zuletzt bearbeitet 16.04.2026 00:27:16

Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, allow remote attackers to read files on the client's system via a malformed HTML message that stores files outside of the cache, aka the "Cache Bypass" vulnerability.