The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Microsoft Outlook Express

Outlook Express, Windows Mail: code execution
An attacker can setup a malicious POP/IMAP server, and invite the victim to connect with Outlook Express or Windows Mail, in order to execute code on his computer...
978542, BID-39927, CERTA-2010-AVI-205, CVE-2010-0816, MS10-030, VIGILANCE-VUL-9635
Windows, IE, OE, Media: code execution via ATL
Several vulnerabilities of Microsoft ATL (Active Template Library) impact Microsoft products...
973908, BID-35558, BID-35982, CERTA-2009-AVI-278, CERTA-2009-AVI-300, CERTA-2009-AVI-325, CERTA-2009-AVI-435, CERTA-2009-AVI-440, CERTA-2009-AVI-516, CERTA-2009-AVI-538, CERTA-2010-AVI-083, CVE-2008-0015, CVE-2008-0020, CVE-2009-0901, CVE-2009-2493, CVE-2009-2494, MS09-037, VIGILANCE-VUL-8937, VU#180513
IE: buffer overflow of Microsoft Video Control MPEG2TuneRequest
An attacker can invite the victim to see an HTML page in order to generate an overflow in the Microsoft Video Control MPEG2TuneRequest ActiveX, leading to code execution...
972890, 973346, 973908, BID-35558, CVE-2008-0015, MS09-032, MS09-037, VIGILANCE-VUL-8841, VU#180513
MIME: denial of service by encapsulation
An attacker can create an email containing deep MIME encapsulations in order to create a denial of service in several applications...
BID-32702, CVE-2008-5424, CVE-2008-5425, CVE-2008-5426, CVE-2008-5427, CVE-2008-5428, VIGILANCE-VUL-8296
Outlook Express, Windows Mail: buffer overflow via NNTP
An attacker can setup a malicious NNTP server in order to execute code on computer of victims who connect to this server...
941202, BID-25908, CERTA-2007-AVI-431, CVE-2007-3897, MS07-056, VIGILANCE-VUL-7218
OE, Windows Mail: several vulnerabilities
Several vulnerabilities of Outlook Express or Windows Mail lead to information disclosure or to code execution...
929123, BID-17717, BID-23103, BID-24392, BID-24410, CERTA-2007-AVI-259, CVE-2006-2111, CVE-2007-1658, CVE-2007-2225, CVE-2007-2227, MS07-034, VIGILANCE-VUL-6907, VU#682825, VU#783761
Windows Mail: command execution
When user clicks on a command which has the same name as a directory, it is executed without warning...
929123, BID-23103, CVE-2007-1658, MS07-034, VIGILANCE-VUL-6679
Outlook Express: buffer overflow of WAB
A malicious WAB file generates an overflow and leads to code execution...
923694, BID-21501, CERTA-2006-AVI-548, CVE-2006-2386, MS06-076, VIGILANCE-VUL-6393
Outlook Express, Internet Explorer: access to data of another site via mhtml
An attacker can create a website using a redirection and a mhtml: uri in order to access data of another web site...
929123, BID-17717, CVE-2006-2111, MS07-034, VIGILANCE-VUL-6253
Outlook Express: buffer overflow of a MHTML uri
An attacker can create a document with a long MHTML uri in order to execute code on user's computer...
920214, BID-18198, CERTA-2006-AVI-341, CVE-2006-2766, MS06-043, VIGILANCE-VUL-6067, VU#891204
Our database contains other pages. You can request a free trial to read them.