Vulnerabilities > Microsoft > Outlook > 2002
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-09-15 | CVE-2010-2728 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Outlook 2002/2003/2007 Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, and 2007 SP2, when Online Mode for an Exchange Server is enabled, allows remote attackers to execute arbitrary code via a crafted e-mail message, aka "Heap Based Buffer Overflow in Outlook Vulnerability." | 9.3 |
| 2010-07-15 | CVE-2010-0266 | Code Injection vulnerability in Microsoft Outlook 2002/2003/2007 Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka "Microsoft Outlook SMB Attachment Vulnerability." | 9.3 |
| 2007-02-03 | CVE-2007-0671 | Remote Code Execution vulnerability in Microsoft Office Malformed String Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. | 9.3 |
| 2007-01-09 | CVE-2007-0034 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Outlook Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability." | 9.3 |
| 2007-01-09 | CVE-2007-0033 | Remote Code Execution vulnerability in Microsoft Outlook VEVENT Record Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file. | 9.3 |
| 2006-12-31 | CVE-2006-1305 | Resource Management Errors vulnerability in Microsoft Office and Outlook Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers. | 4.3 |
| 2006-10-10 | CVE-2006-3877 | Code Injection vulnerability in Microsoft products Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. | 9.3 |
| 2006-01-10 | CVE-2006-0002 | Remote Code Execution vulnerability in Microsoft Outlook / Microsoft Exchange TNEF Decoding Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. | 7.5 |
| 2004-11-23 | CVE-2004-0284 | Unspecified vulnerability in Microsoft IE, Internet Explorer and Outlook Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name. | 5.0 |
| 2004-09-28 | CVE-2004-0200 | Unspecified vulnerability in Microsoft products Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. | 9.3 |