Vulnerability Description
Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Outlook Express | 6.0 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=108448627120764&w=2
- http://secunia.com/advisories/11607Vendor Advisory
- http://www.osvdb.org/6121
- http://marc.info/?l=bugtraq&m=108448627120764&w=2
- http://secunia.com/advisories/11607Vendor Advisory
- http://www.osvdb.org/6121
FAQ
What is CVE-2004-2694?
CVE-2004-2694 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE ...
How severe is CVE-2004-2694?
CVE-2004-2694 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2694?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Outlook Express.