Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs

Microsoft Outlook Express Plaintext Email Security Policy Bypass Vulnerability

Bugtraq ID: 11447
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Oct 18 2004 12:00AM
Updated: Oct 18 2004 12:00AM
Credit: Discovery of this vulnerability is credited to "http-equiv@excite.com" <1@malware.com>.
Vulnerable: Microsoft Outlook Express 5.0.1
Microsoft Outlook Express 4.72.3612
Microsoft Outlook Express 4.72.3120
Microsoft Outlook Express 4.72.2106
Microsoft Outlook Express 4.27.3110
Microsoft Outlook Express 4.0.1 SP2
Microsoft Outlook Express 6.0 SP1
+ Microsoft Windows XP 64-bit Edition SP1
 + Microsoft Windows XP 64-bit Edition SP1
 + Microsoft Windows XP Home SP1
 + Microsoft Windows XP Home SP1
 + Microsoft Windows XP Professional SP1
 + Microsoft Windows XP Professional SP1
 Microsoft Outlook Express 6.0
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Itanium SP2
 + Microsoft Windows Server 2003 Itanium SP2
 + Microsoft Windows Server 2003 Itanium SP1
 + Microsoft Windows Server 2003 Itanium SP1
 + Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard x64 Edition
+ Microsoft Windows Server 2003 Standard x64 Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 x64 SP2
 + Microsoft Windows Server 2003 x64 SP2
 + Microsoft Windows XP 64-bit Edition
+ Microsoft Windows XP 64-bit Edition
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Media Center Edition SP2
 + Microsoft Windows XP Media Center Edition SP2
 + Microsoft Windows XP Media Center Edition
+ Microsoft Windows XP Media Center Edition
+ Microsoft Windows XP Media Center Edition
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional x64 Edition SP2
 + Microsoft Windows XP Professional x64 Edition SP2
 + Microsoft Windows XP Tablet PC Edition SP2
 + Microsoft Windows XP Tablet PC Edition SP2
 + Microsoft Windows XP Tablet PC Edition
+ Microsoft Windows XP Tablet PC Edition
Microsoft Outlook Express 5.5 SP2
+ Microsoft Windows 2000 Advanced Server SP4
 + Microsoft Windows 2000 Advanced Server SP4
 + Microsoft Windows 2000 Advanced Server SP3
 + Microsoft Windows 2000 Advanced Server SP3
 + Microsoft Windows 2000 Datacenter Server SP4
 + Microsoft Windows 2000 Datacenter Server SP4
 + Microsoft Windows 2000 Datacenter Server SP3
 + Microsoft Windows 2000 Datacenter Server SP3
 + Microsoft Windows 2000 Professional SP4
 + Microsoft Windows 2000 Professional SP4
 + Microsoft Windows 2000 Professional SP3
 + Microsoft Windows 2000 Professional SP3
 + Microsoft Windows 2000 Server SP4
 + Microsoft Windows 2000 Server SP4
 + Microsoft Windows 2000 Server SP3
 + Microsoft Windows 2000 Server SP3
 + Microsoft Windows ME
+ Microsoft Windows ME
Microsoft Outlook Express 5.5 SP1
Microsoft Outlook Express 5.5
+ Microsoft Internet Explorer 5.0.1 for Windows NT 4.0
 + Microsoft Internet Explorer 5.0.1 for Windows NT 4.0
 + Microsoft Internet Explorer 5.0.1 for Windows 98
 + Microsoft Internet Explorer 5.0.1 for Windows 98
 + Microsoft Internet Explorer 5.0.1 for Windows 95
 + Microsoft Internet Explorer 5.0.1 for Windows 95
 + Microsoft Internet Explorer 5.0.1 for Windows 2000
 + Microsoft Internet Explorer 5.0.1 for Windows 2000
 + Microsoft Internet Explorer 5.0.1
+ Microsoft Internet Explorer 5.0.1
+ Microsoft Internet Explorer 5.5
 + Microsoft Internet Explorer 5.5
 - Microsoft Windows 2000 Professional
- Microsoft Windows 2000 Professional
- Microsoft Windows 95
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows 98SE
- Microsoft Windows NT 4.0
 - Microsoft Windows NT 4.0
 Microsoft Outlook Express 5.0
Microsoft Outlook Express 4.0
Not Vulnerable:







 

Privacy Statement
Copyright 2008, SecurityFocus