CVE-2004-2137

Sažetak

Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information.

Reference

http://secunia.com/advisories/12376
http://securitytracker.com/id?1011067
http://support.microsoft.com/kb/843555
http://www.networksecurity.fi/advisories/outlook-bcc.html
http://www.osvdb.org/9167
http://www.securityfocus.com/bid/11040
https://exchange.xforce.ibmcloud.com/vulnerabilities/17098

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

11-07-2017 - 01:31

Objavljeno

31-12-2004 - 05:00