Vulnerabilities > CVE-2004-0215
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Hardware | 2 | |
OS | 1 |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS04-018.NASL |
description | The remote host is missing a cumulative security update for Outlook Express that fixes a denial of service vulnerability in the Outlook Express mail client. To exploit this vulnerability, an attacker would need to send a malformed message to a victim on the remote host. The message will crash the version of Outlook, thus preventing the user from reading email. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 13643 |
published | 2004-07-13 |
reporter | This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/13643 |
title | MS04-018: Cumulative Security Update for Outlook Express (823353) |
code |
|
Oval
accepted 2007-11-13T12:01:03.958-05:00 class vulnerability contributors name Jonathan Baker organization The MITRE Corporation name Daniel Tarnu organization GFI Software name Jeff Cheng organization Opsware, Inc. name Jeff Cheng organization Opsware, Inc.
description Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header. family windows id oval:org.mitre.oval:def:1950 status accepted submitted 2004-08-26T08:05:00.000-04:00 title Microsoft Outlook Express v6,SP1 Malformed Email Header Denial of Service version 67 accepted 2007-11-13T12:01:06.364-05:00 class vulnerability contributors name Jonathan Baker organization The MITRE Corporation name Daniel Tarnu organization GFI Software name Jeff Cheng organization Opsware, Inc. name Jeff Cheng organization Opsware, Inc.
description Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header. family windows id oval:org.mitre.oval:def:2137 status accepted submitted 2004-08-26T08:06:00.000-04:00 title Outlook Express v5.5,SP2 Malformed Email Header Denial of Service version 67 accepted 2007-11-13T12:01:09.610-05:00 class vulnerability contributors name Jonathan Baker organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Daniel Tarnu organization GFI Software name Jeff Cheng organization Opsware, Inc. name Jeff Cheng organization Opsware, Inc.
description Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header. family windows id oval:org.mitre.oval:def:2657 status accepted submitted 2004-08-26T12:00:00.000-04:00 title Outlook Express v6.0 for Server 2003 Malformed Email Header Denial of Service version 67 accepted 2011-05-16T04:02:45.548-04:00 class vulnerability contributors name Jonathan Baker organization The MITRE Corporation name Christine Walzer organization The MITRE Corporation name Daniel Tarnu organization GFI Software name Jeff Cheng organization Opsware, Inc. name Jeff Cheng organization Opsware, Inc. name Shane Shaffer organization G2, Inc. name Sudhir Gandhe organization Telos name Shane Shaffer organization G2, Inc.
description Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header. family windows id oval:org.mitre.oval:def:3376 status accepted submitted 2004-08-26T08:07:00.000-04:00 title Microsoft Outlook Express v6.0 (WinXP) Malformed Email Header Denial of Service version 72
References
- http://www.kb.cert.org/vuls/id/869640
- http://www.us-cert.gov/cas/techalerts/TA04-196A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-018
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16585
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1950
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2137
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2657
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3376