CVE-2001-0999 — Microsoft Outlook Express vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

12.7%

top 5.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Outlook Express

Timeline

PublishedSep 12

Latest updateApr 30

Description

Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/outlook_express6.0

🔴Vulnerability Details

GHSA

GHSA-rqf7-57fr-3qfm: Outlook Express 6↗2022-04-30

▶

CVEList

CVE-2001-0999: Outlook Express 6↗2002-02-02

▶