Vulnerabilities > CVE-2003-0007 - Unspecified vulnerability in Microsoft Outlook 2002

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

microsoft

NVD

Published: 2003-02-07

Updated: 2018-10-12

Summary

Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure."

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Outlook 2002	3

References

http://www.securityfocus.com/bid/6667
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-003
https://exchange.xforce.ibmcloud.com/vulnerabilities/11133