Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Outlook Express
Total 45 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-2694 1 Microsoft 1 Outlook Express 2025-04-03 5.8 MEDIUM N/A
Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".
CVE-2000-0036 1 Microsoft 2 Ie, Outlook Express 2025-04-03 5.0 MEDIUM N/A
Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability.
CVE-2006-2111 1 Microsoft 1 Outlook Express 2025-04-03 4.3 MEDIUM N/A
A component in Microsoft Outlook Express 6 allows remote attackers to bypass domain restrictions and obtain sensitive information via redirections with the mhtml: URI handler, as originally reported for Internet Explorer 6 and 7, aka "URL Redirect Cross Domain Information Disclosure Vulnerability."
CVE-1999-1164 1 Microsoft 2 Outlook, Outlook Express 2025-04-03 5.0 MEDIUM N/A
Microsoft Outlook client allows remote attackers to cause a denial of service by sending multiple email messages with the same X-UIDL headers, which causes Outlook to hang.
CVE-2004-0215 2 Avaya, Microsoft 5 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 2 more 2025-04-03 5.0 MEDIUM N/A
Microsoft Outlook Express 5.5 and 6 allows attackers to cause a denial of service (application crash) via a malformed e-mail header.