Microsoft

Outlook

117 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2010-0266

  • EPSS 82.8%
  • Published 15.07.2010 12:57:12
  • Last modified 11.04.2025 00:51:21

Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a c...

7.5

CVE-2008-3068

  • EPSS 12.63%
  • Published 07.07.2008 23:41:00
  • Last modified 09.04.2025 00:30:58

Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) si...

4.3

CVE-2007-4040

  • EPSS 16.6%
  • Published 27.07.2007 22:30:00
  • Last modified 09.04.2025 00:30:58

Argument injection vulnerability involving Microsoft Outlook and Outlook Express, when certain URIs are registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metacharacters in an unspe...

9.3

CVE-2007-0671

Warning
  • EPSS 68.36%
  • Published 03.02.2007 01:28:00
  • Last modified 13.08.2025 01:00:01

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in tar...

9.3

CVE-2007-0033

  • EPSS 60.31%
  • Published 09.01.2007 23:28:00
  • Last modified 09.04.2025 00:30:58

Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file.

9.3

CVE-2007-0034

  • EPSS 62.93%
  • Published 09.01.2007 23:28:00
  • Last modified 09.04.2025 00:30:58

Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka...

4.3

CVE-2006-1305

  • EPSS 51.83%
  • Published 31.12.2006 05:00:00
  • Last modified 09.04.2025 00:30:58

Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) lar...

5

CVE-2006-6659

Exploit
  • EPSS 22.97%
  • Published 20.12.2006 02:28:00
  • Last modified 09.04.2025 00:30:58

The Microsoft Office Outlook Recipient ActiveX control (ole32.dll) in Windows XP SP2 allows remote attackers to cause a denial of service (Internet Explorer 7 hang) via crafted HTML.

9.3

CVE-2006-3877

  • EPSS 36.78%
  • Published 10.10.2006 22:07:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerabil...

9.3

CVE-2006-4868

Exploit
  • EPSS 63.98%
  • Published 19.09.2006 19:07:00
  • Last modified 03.04.2025 01:03:51

Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Marku...