PT-2000-1555 · Microsoft · Outlook+1

Published

2000-07-20

Updated

2018-10-12

CVE-2000-0621

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Microsoft Outlook versions 98 and 2000 Microsoft Outlook Express versions 4.0x and 5.0x

Description The issue allows remote attackers to read files on the client's system via a malformed HTML message that stores files outside of the cache.

Recommendations For Microsoft Outlook versions 98 and 2000, apply the necessary configuration changes to restrict access to sensitive files. For Microsoft Outlook Express versions 4.0x and 5.0x, consider disabling the rendering of HTML messages until a fix is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0621

Affected Products

Outlook

Outlook Express

PT-2000-1555 · Microsoft · Outlook+1

CVE-2000-0621

Related Identifiers

Affected Products

References · 5