Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-2164Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Outlook Express

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
39.3%
top 2.70%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Outlook Express
Timeline
PublishedDec 31
Latest updateApr 30

Description

Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long link.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDmicrosoft/outlook_express4 versions+3

Patches

Patch: archives.neohapsis.comPatch: archives.neohapsis.com

🔴Vulnerability Details

2
GHSA
GHSA-c6p2-r32q-c84p: Buffer overflow in Microsoft Outlook Express 52022-04-30
CVEList
CVE-2002-2164: Buffer overflow in Microsoft Outlook Express 52005-11-16

💥Exploits & PoCs

1
Exploit-DB
Alleged Outlook Express 5/6 Link - Denial of Service2002-09-09
CVE-2002-2164 — Microsoft Outlook Express vulnerability | cvebase