CVE-2000-0653

Microsoft Outlook Express - Info Disclosure

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0653. PoCs published by Georgi Guninski.

AI-analyzed exploit summary: This exploit leverages a vulnerability in Microsoft Outlook Express 5 where HTML parsing allows execution of Active Scripting. The provided JavaScript code opens a new window and uses the 'about:' protocol to execute arbitrary script, demonstrating the ability to read the content of new email messages.

Description

Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent browser link to the Outlook Express windows, aka the "Persistent Mail-Browser Link" vulnerability.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Georgi Guninski · text · remote · windows
https://www.exploit-db.com/exploits/19738

Classification: Working PoC 90%
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: Microsoft Outlook Express 5
No auth needed
Prerequisites: Victim must open a malicious HTML email in Outlook Express 5
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1502

Scores

EPSS: 0.2709
EPSS Percentile: 97.8%

Details

Status: published
Products (4):
microsoft/outlook_express 4.0
microsoft/outlook_express 4.01
microsoft/outlook_express 5.0
microsoft/outlook_express 5.0.1
Published: Jul 20, 2000
Tracked Since: Feb 18, 2026