RSS   Vulnerabilities for 'Windows mail'   RSS

2018-07-10
 
CVE-2018-8305

CWE-200
 

 
An information disclosure vulnerability exists in Windows Mail Client when a message is opened, aka "Windows Mail Client Information Disclosure Vulnerability." This affects Mail, Calendar, and People in Windows 8.1 App Store.

 
2010-05-12
 
CVE-2010-0816

CWE-189
 

 
Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote e-mail servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) POP3 or (2) IMAP response, as demonstrated by a certain +OK response on TCP port 110, aka "Outlook Express and Windows Mail Integer Overflow Vulnerability."

 
2008-08-12
 
CVE-2008-1448

CWE-264
 

 
The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the correct Internet Explorer Security Zone to UNC share pathnames, which allows remote attackers to bypass intended access restrictions and read arbitrary files via an mhtml: URI in conjunction with a redirection, aka "URL Parsing Cross-Domain Information Disclosure Vulnerability."

 
2007-10-09
 
CVE-2007-3897

CWE-119
 

 
Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.

 
2007-06-12
 
CVE-2007-2227

CWE-Other
 

 
The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "Content Disposition Parsing Cross Domain Information Disclosure Vulnerability."

 
 
CVE-2007-2225

CWE-Other
 

 
A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability."

 

 >>> Vendor: Microsoft 622 Products
Exchange server
Internet information server
Site server
Proxy server
Frontpage
Personal web server
Windows 95
Windows nt
Winsock
IE
Commerce server
Windows 2000
WINS
Netmeeting
WORD
Windows 98
Access
Backoffice
Backoffice resource kit
Office
Outlook
Project
Visual basic
Terminal server
All windows
Excel
Hotmail
Java virtual machine
Commercial internet system
Site server commerce
Windows 98se
Outlook express
Windows explorer
Sql server
Data access components
Index server
Sna server
Zero administration kit
Powerpoint
Msn setup bulletin board services
Visual interdev
Webtv
Office converter pack
Systems management server
Virtual machine
Visual studio
Clip art
Greetings
Home publishing
Data engine
Windows media services
Windows messaging
Windows media rights manager
JET
Active movie control
Photodraw 2000
Works
Money
Network monitor
Windows media player
Indexing service
Windows me
MSDE
Windows xp
Windows script host
PLUS
Windows ce
BING
Isa server
Frontpage server extensions
Services
Windows 2000 terminal services
Interix
Xml core services
Entourage
Msn chat control
Msn messenger
Msn messenger service for exchange
.net framework
Windows 98 plus pack
Microsoft data access components
Visual foxpro
Metadirectory services
Content management server
Tsac activex control
Office web components
Windows help
Ie for macintosh
.net windows server
Directx files viewer control
File transfer manager
Baseline security analyzer
Foundation class library
Windows 2003 server
Network firmware
Windows-nt
Biztalk server
Directx
Visio
Ftp service
See all Products for Vendor Microsoft


Copyright 2024, cxsecurity.com

 

Back to Top