CVE-2001-1099

Norton AntiVirus for Microsoft Exchange 2000 2.x - Info Disclosure

Title source: llm

Description

The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice.

References (4)

[Third Party Advisory, VDB Entry, Vendor Advisory] http://www.securityfocus.com/archive/1/212724

[Third Party Advisory, VDB Entry, Vendor Advisory] http://www.securityfocus.com/archive/1/213762

[Third Party Advisory, VDB Entry, Vendor Advisory] http://www.securityfocus.com/bid/3305

[VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/7093

Scores

EPSS 0.0283

EPSS Percentile 86.0%

Classification

CWE

CWE-434

Status draft

Affected Products (1)

symantec/norton_antivirus

Timeline

Published Sep 07, 2001

Tracked Since Feb 18, 2026