Microsoft Outlook HTML Mail Script Execution Vulnerability
Microsoft Outlook can be made to execute script embedded in HTML mail without warning the user. This is done by creating a web browser object containing script in the "Location" parameter specified by a <PARAM ... > tag and embedding this in the mail.
When a user chooses to "reply" or "forward" the message, the script is executed.
Script may also be embedded in .doc or .xls attachments.
It may be possible to exploit this vulnerability to cause arbitrary commands to be executed on the system running the vulnerable software.
This issue only exists if the WordMail editor is used. Those who use the default Outlook editor are allegedly not affected by this vulnerability.