[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-1305Date: (C)2006-12-31   (M)2023-12-22


Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECTRACK-1017488
BID-21937
SECUNIA-23674
OSVDB-31253
ADV-2007-0104
HPSBST02184
MS07-003
TA07-009A
VU#617436
http://linuxbox.org/pipermail/funsec/2006-March/005208.html
http://blogs.securiteam.com/index.php/archives/347
http://osvdb.org/ref/24/24081-outlook1.txt
oval:org.mitre.oval:def:122

CPE    6
cpe:/a:microsoft:office:2000:sp3
cpe:/a:microsoft:office:xp:sp3
cpe:/a:microsoft:outlook:2003
cpe:/a:microsoft:outlook:2002
...
CWE    1
CWE-399
OVAL    1
oval:org.mitre.oval:def:122

© SecPod Technologies