Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0999


Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0999
Last Modified 05 Sep 2008 04:25:26
Published 12 Sep 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script.

Vulnerable Systems


  • Microsoft Outlook Express 6.0


XF - outlook-express-text-script-execution(7118)

BID - 3334

BUGTRAQ - 20010915 Proof-Of-Concept Perl Script for Bugtraq-ID: #3334

BUGTRAQ - 20010912 FREAK SHOW: Outlook Express 6.00

Last Updated: 27 May 2016 10:36:28