Microsoft Outlook Express 4.x/5.x/6.0 - Plaintext Email Security Policy Bypass

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1054719 漏洞类型
发布时间 2004-10-18 更新时间 2004-10-18
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24687
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/11447/info

Microsoft Outlook Express is reported prone to a security policy bypass vulnerability.

The vulnerability presents itself if an attached image file is referenced using a specially crafted CID URI.

This will result in a policy bypass because the image will be automatically rendered when the email is viewed in Outlook Express.

<CENTER><IMG SRC="CID:{F69034DE-F779-4AA2-B5A9-
7413133C2A29}/malware.JPG"></CENTER>