CVE-2003-0007

Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure."

Published: Feb 7, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0007
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / outlook	2002-sp2	2002-sp2.x
microsoft / outlook	2002-sp1	2002-sp1.x
microsoft / outlook	2002	2002.x

http://www.securityfocus.com/bid/6667
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-003
https://exchange.xforce.ibmcloud.com/vulnerabilities/11133

Vulnerability Database

289,599

CVE-2003-0007