5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7.7 High
AI Score
Confidence
Low
0.045 Low
EPSS
Percentile
92.5%
Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word 2000 or 2003 as the e-mail editor and when forwarding e-mail, does not properly handle an opening OBJECT tag that does not have a closing OBJECT tag, which causes Outlook to automatically download the URI in the data property of the OBJECT tag and might allow remote attackers to execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
microsoft:outlook | microsoft outlook | eq | 2000 |
microsoft:outlook | microsoft outlook | eq | 2003 |