CVE-2000-0621Microsoft Outlook vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
5.9%
top 9.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft OutlookMicrosoft Outlook Express
Timeline
PublishedJul 20
Latest updateApr 30

Description

Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, allow remote attackers to read files on the client's system via a malformed HTML message that stores files outside of the cache, aka the "Cache Bypass" vulnerability.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/outlook_express4 versions+3
NVDmicrosoft/outlook2000, 97, 98+2

Patches

Patch: www.cert.orgPatch: www.securityfocus.comPatch: www.cert.org

🔴Vulnerability Details

2
GHSA
GHSA-vvh2-vwv7-8grx: Microsoft Outlook 98 and 2000, and Outlook Express 42022-04-30
CVEList
CVE-2000-0621: Microsoft Outlook 98 and 2000, and Outlook Express 42000-10-13
CVE-2000-0621 — Microsoft Outlook vulnerability | cvebase