Description
Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by http-equiv · textremotewindows
https://www.exploit-db.com/exploits/24101
References (6)
Core 6
Core References
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/11572
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108637351805607&w=2
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108420583612655&w=2
Mailing List mailing-list
x_refsource_ntbugtraq
http://marc.info/?l=ntbugtraq&m=108644231209698&w=2
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10307
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16104
Scores
EPSS
0.5675
EPSS Percentile
98.1%
Details
Status
published
Products (1)
microsoft/outlook
2003
Published
Aug 18, 2004
Tracked Since
Feb 18, 2026