Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2694

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2004-2694
Last Modified 05 Sep 2008 12:00:00
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-2694

Summary

Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".

Vulnerable Systems

Application

  • Microsoft Outlook Express 6.0


References

OSVDB - 6121

SECUNIA - 11607

BUGTRAQ - 20040513 POA: Outlook Expresss 6.00


Last Updated: 27 May 2016 10:39:35