Vulnerabilities > CVE-2001-1547 - Remote Security vulnerability in Microsoft Outlook Express 6.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2001-12-31

Updated: 2008-09-05

Summary

Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Outlook Express 6.0	1

References

http://www.iss.net/security_center/static/7670.php
http://www.securityfocus.com/archive/1/243869
http://www.windows-help.net/microsoft/oe6-attach.html