CVE-2000-0567

Microsoft Outlook and Outlook Express - Remote Code Execution via Malformed Email Date Header

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2000-0567. PoCs published by Ussr Labs.

AI-analyzed exploit summary The writeup describes a buffer overflow vulnerability in Microsoft Outlook and Outlook Express due to improper bounds checking in the GMT section of the email date field. Exploiting this could allow arbitrary code execution when a malicious email is downloaded via POP3 or IMAP4.

Description

Buffer overflow in Microsoft Outlook and Outlook Express allows remote attackers to execute arbitrary commands via a long Date field in an email header, aka the "Malformed E-mail Header" vulnerability.

Exploits (2)

exploitdb WRITEUP VERIFIED

by Ussr Labs · textremotewindows

https://www.exploit-db.com/exploits/20079

View Code ZIP pw:eip

The writeup describes a buffer overflow vulnerability in Microsoft Outlook and Outlook Express due to improper bounds checking in the GMT section of the email date field. Exploiting this could allow arbitrary code execution when a malicious email is downloaded via POP3 or IMAP4.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Microsoft Outlook and Outlook Express (all versions)

No auth needed

Prerequisites: Ability to send a crafted email to the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Ussr Labs · perlremotewindows

https://www.exploit-db.com/exploits/20078

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Microsoft Outlook and Outlook Express by sending a maliciously crafted email with an overly long GMT field in the date header. The exploit uses shellcode to achieve arbitrary code execution on the target system when the email is downloaded via POP3 or IMAP4.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Outlook and Outlook Express (all versions up to 2000)

No auth needed

Prerequisites: SMTP server access · Target email address

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/4953

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-043

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1481

Scores

EPSS 0.3233

EPSS Percentile 98.1%

Details

Status published

Products (6)

microsoft/outlook 97

microsoft/outlook 98

microsoft/outlook 2000

microsoft/outlook_express 4.0

microsoft/outlook_express 4.01

microsoft/outlook_express 5.0

Published Jul 18, 2000

Tracked Since Feb 18, 2026