CVE-2006-0014Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Outlook Express

3 documents3 sources
Severity
5.1MEDIUMNVD
EPSS
41.4%
top 2.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Outlook Express
Timeline
PublishedApr 12
Latest updateMay 1

Description

Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages1 packages

Patches

Patch: secunia.comPatch: secunia.com

🔴Vulnerability Details

2
GHSA
GHSA-whwq-93f8-2jg6: Buffer overflow in Microsoft Outlook Express 52022-05-01
CVEList
CVE-2006-0014: Buffer overflow in Microsoft Outlook Express 52006-04-12
CVE-2006-0014 — Microsoft Outlook Express vulnerability | cvebase