CVE-2004-2137

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information.

Ссылки

http://secunia.com/advisories/12376
Patch
Vendor Advisory
http://securitytracker.com/id?1011067
Patch
http://support.microsoft.com/kb/843555
Patch
Vendor Advisory
http://www.networksecurity.fi/advisories/outlook-bcc.html
Patch
Vendor Advisory
http://www.osvdb.org/9167
http://www.securityfocus.com/bid/11040
https://exchange.xforce.ibmcloud.com/vulnerabilities/17098
http://secunia.com/advisories/12376
Patch
Vendor Advisory
http://securitytracker.com/id?1011067
Patch
http://support.microsoft.com/kb/843555
Patch
Vendor Advisory
http://www.networksecurity.fi/advisories/outlook-bcc.html
Patch
Vendor Advisory
http://www.osvdb.org/9167
http://www.securityfocus.com/bid/11040
https://exchange.xforce.ibmcloud.com/vulnerabilities/17098

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:outlook_express:6.0:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:outlook_express:6.0:sp1:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.33173

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8m78-x5mr-mm5q

github

почти 4 года назад