CVE-2004-0502

Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI.

Published: Aug 18, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-0502
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / outlook	2003	2003.x

http://marc.info/?l=bugtraq&m=108420583612655&w=2
http://marc.info/?l=bugtraq&m=108637351805607&w=2
http://marc.info/?l=ntbugtraq&m=108644231209698&w=2
http://secunia.com/advisories/11572
http://www.securityfocus.com/bid/10307
https://exchange.xforce.ibmcloud.com/vulnerabilities/16104

Vulnerability Database

289,599

CVE-2004-0502