CVE Vulnerabilities

CVE-2003-1378

Published: Dec 31, 2003 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
8.8 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:N
RedHat/V2
RedHat/V3
Ubuntu

Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077.

Affected Software

Name Vendor Start Version End Version
Outlook Microsoft 2000 (including) 2000 (including)
Outlook Microsoft 2000-sp2 (including) 2000-sp2 (including)
Outlook Microsoft 2000-sr1 (including) 2000-sr1 (including)
Outlook_express Microsoft 6.0 (including) 6.0 (including)

References