Lucene search

[email protected]CVE-2004-0502

HistoryAug 18, 2004 - 4:00 a.m.

CVE-2004-0502

2004-08-1804:00:00

[email protected]

web.nvd.nist.gov

cve-2004-0502

outlook 2003

predictable location

remote attack

zone restrictions

exploit

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.2%

JSON

Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the “src” of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI.

Affected configurations

NVD

Node

microsoftoutlookMatch2003

CPENameOperatorVersion
microsoft:outlookmicrosoft outlookeq2003

CPE	Name	Operator	Version
microsoft:outlook	microsoft outlook	eq	2003

References

marc.info/?l=bugtraq&m=108420583612655&w=2

marc.info/?l=bugtraq&m=108637351805607&w=2

marc.info/?l=ntbugtraq&m=108644231209698&w=2

secunia.com/advisories/11572

www.securityfocus.com/bid/10307

exchange.xforce.ibmcloud.com/vulnerabilities/16104

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

83.2%

JSON

Related for CVE-2004-0502

nvd2 cvelist2 cve1