Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1033 — Microsoft Outlook Express vulnerability

6 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

7.8%

top 8.03%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Microsoft Outlook Express

Timeline

PublishedMay 11

Latest updateJan 15

Description

Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/outlook_express4.72.3612.1700+2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-935q-jf44-fq38: Microsoft Outlook Express before 4↗2022-04-30

▶

CVEList

CVE-1999-1033: Microsoft Outlook Express before 4↗2001-09-12

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Outlook Express 4.27.3110/4.72.3120 - POP Denial of Service↗1999-05-11

▶

📄Research Papers

arXiv

CveBinarySheet: A Comprehensive Pre-built Binaries Database for IoT Vulnerability Analysis↗2025-01-15

▶