[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-0014Date: (C)2006-04-11   (M)2023-12-22


Buffer overflow in Microsoft Outlook Express 5.5 and 6 allows remote attackers to execute arbitrary code via a crafted Windows Address Book (WAB) file containing "certain Unicode strings" and modified length values.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1015898
BID-17459
SECUNIA-19617
http://www.securityfocus.com/archive/1/430645/100/0/threaded
SREASON-691
ADV-2006-1321
MS06-016
http://www.zerodayinitiative.com/advisories/ZDI-06-007.html
outlook-express-wab-bo(25535)
oval:org.mitre.oval:def:1611
oval:org.mitre.oval:def:1682
oval:org.mitre.oval:def:1769
oval:org.mitre.oval:def:1771
oval:org.mitre.oval:def:1780
oval:org.mitre.oval:def:1791
oval:org.mitre.oval:def:812

CPE    5
cpe:/a:microsoft:outlook_express:5.5:sp2
cpe:/a:microsoft:outlook_express:5.5:sp1
cpe:/a:microsoft:outlook_express:5.5
cpe:/a:microsoft:outlook_express:6.0:sp1
...
OVAL    7
oval:org.mitre.oval:def:1769
oval:org.mitre.oval:def:1682
oval:org.mitre.oval:def:812
oval:org.mitre.oval:def:1791
...

© SecPod Technologies