CVE-1999-1033

Microsoft Outlook Express <4.72.3612.1700 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-1999-1033. PoCs published by Miquel van Smoorenburg.

AI-analyzed exploit summary This is a writeup describing a vulnerability in Outlook Express where a malformed email with lines containing single dots can cause the POP3 session to terminate prematurely, leading to a denial of service (DoS). The exploit leverages packet boundary manipulation to trigger the issue.

Description

Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Miquel van Smoorenburg · textdoswindows
https://www.exploit-db.com/exploits/19207

This is a writeup describing a vulnerability in Outlook Express where a malformed email with lines containing single dots can cause the POP3 session to terminate prematurely, leading to a denial of service (DoS). The exploit leverages packet boundary manipulation to trigger the issue.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Microsoft Outlook Express (version not specified)
No auth needed
Prerequisites: Ability to send an email to the target's POP3 mailbox
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/252
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=92647407427342&w=2
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=92663402004275&w=2

Scores

EPSS 0.1750
EPSS Percentile 96.8%

Details

Status published
Products (3)
microsoft/outlook_express 4.27.3110.1
microsoft/outlook_express 4.72.3120.0
microsoft/outlook_express < 4.72.3612.1700
Published May 11, 1999
Tracked Since Feb 18, 2026