Vulnerabilities > CVE-2002-0285 - Unspecified vulnerability in Microsoft Outlook Express 5.5/6.0

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

microsoft

NVD

Published: 2002-05-31

Updated: 2024-11-20

Summary

Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Outlook Express 6.0 Microsoft Outlook Express 5.5	2

References

http://marc.info/?l=bugtraq&m=101362077701164&w=2
http://marc.info/?l=bugtraq&m=101362077701164&w=2
http://www.iss.net/security_center/static/8198.php
http://www.iss.net/security_center/static/8198.php
http://www.securityfocus.com/bid/4092
http://www.securityfocus.com/bid/4092