Vulnerabilities > CVE-2004-0503 - Unspecified vulnerability in Microsoft Outlook 2003

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

microsoft

NVD

Published: 2004-08-18

Updated: 2017-07-11

Summary

Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format (RTF) message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to unprompted installation of an executable when exploited in conjunction with predictable-file-location exposures such as CVE-2004-0502.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Outlook 2003	1

References

http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0885.html
http://marc.info/?l=bugtraq&m=108483193328605&w=2
http://secunia.com/advisories/11629
http://www.osvdb.org/6217
http://www.securityfocus.com/bid/10369
https://exchange.xforce.ibmcloud.com/vulnerabilities/16173