CVE-2001-0538

Microsoft Outlook < 2002 - Remote Code Execution via Malicious HTML Email or Web Page

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2001-0538. PoCs published by Georgi Guninski.

AI-analyzed exploit summary This exploit leverages an unsafe ActiveX control in Microsoft Outlook XP to access and manipulate user emails via scripting. It demonstrates reading email content and executing arbitrary commands through WScript.Shell.

Description

Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Georgi Guninski · textremotewindows

https://www.exploit-db.com/exploits/21003

View Code ZIP pw:eip

This exploit leverages an unsafe ActiveX control in Microsoft Outlook XP to access and manipulate user emails via scripting. It demonstrates reading email content and executing arbitrary commands through WScript.Shell.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Outlook XP

No auth needed

Prerequisites: Outlook XP installed · At least one email in the Inbox · ActiveX controls enabled

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by Georgi Guninski · textremotewindows

https://www.exploit-db.com/exploits/21004

View Code ZIP pw:eip

This exploit leverages the 'Microsoft Outlook View Control' ActiveX control, marked as 'safe for scripting', to execute arbitrary commands via WScript.Shell. It demonstrates command execution by running a directory listing command.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Outlook XP

No auth needed

Prerequisites: Target must have at least one message in Outlook XP's Inbox · ActiveX controls must be enabled

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7

Core References

Mailing List mailing-list x_refsource_bugtraq

http://marc.info/?l=bugtraq&m=99496431214078&w=2

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/3025

Vendor Advisory vendor-advisory x_refsource_ms

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-038

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/6831

Third Party Advisory, US Government Resource third-party-advisory government-resource x_refsource_ciac

http://www.ciac.org/ciac/bulletins/l-113.shtml

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/131569

Various Sources mailing-list x_refsource_ntbugtraq

http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0107&L=ntbugtraq&F=P&S=&P=862

Scores

EPSS 0.5285

EPSS Percentile 98.8%

Details

Status published

Products (1)

microsoft/outlook < 2002

Published Aug 14, 2001

Tracked Since Feb 18, 2026