CVE-2001-0999

Name of the Vulnerable Software and Affected Versions Outlook Express version 6.00

Description The issue allows remote attackers to execute arbitrary script by embedding SCRIPT tags in a message whose MIME content type is text/plain. This behavior is contrary to the expected behavior that text/plain messages will not run script.

Recommendations For Outlook Express version 6.00, consider disabling the execution of scripts in text/plain messages as a temporary workaround until a patch is available. Restrict access to potentially malicious emails to minimize the risk of exploitation.