CVE-2003-1378

high

Description

Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/11411

http://www.securityfocus.com/archive/1/312929

Details

Source: Mitre, NVD

Published: 2003-12-31

Updated: 2017-07-29

Risk Information

CVSS v2

Base Score: 8.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:N

Severity: High

CVSS v3

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N