CVE Vulnerabilities

CVE-2004-0121

Published: Apr 15, 2004 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs.

Affected Software

Name Vendor Start Version End Version
Office Microsoft xp xp
Office Microsoft xp xp
Office Microsoft xp xp
Outlook Microsoft 2002 2002
Outlook Microsoft 2002 2002
Outlook Microsoft 2002 2002

References