CVE Vulnerabilities

CVE-2006-0002

Published: Jan 10, 2006 | Modified: Apr 09, 2020
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation.

Affected Software

Name Vendor Start Version End Version
Exchange_server Microsoft 5.0 5.0
Exchange_server Microsoft 5.0 5.0
Exchange_server Microsoft 5.0 5.0
Exchange_server Microsoft 5.5 5.5
Exchange_server Microsoft 5.5 5.5
Exchange_server Microsoft 5.5 5.5
Exchange_server Microsoft 5.5 5.5
Exchange_server Microsoft 5.5 5.5
Exchange_server Microsoft 2000 2000
Office Microsoft 2000 2000
Office Microsoft 2003 2003
Office Microsoft 2003 2003
Office Microsoft xp xp
Outlook Microsoft 2000 2000
Outlook Microsoft 2002 2002
Outlook Microsoft 2003 2003

References