Vulnerabilities > CVE-2001-0999 - Unspecified vulnerability in Microsoft Outlook Express 6.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2001-09-12

Updated: 2017-12-19

Summary

Outlook Express 6.00 allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain, contrary to the expected behavior that text/plain messages will not run script.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Outlook Express 6.0	1

References

http://www.securityfocus.com/archive/1/213754
http://www.securityfocus.com/archive/1/214453
http://www.securityfocus.com/bid/3334
https://exchange.xforce.ibmcloud.com/vulnerabilities/7118