CVE-2001-0538
HIGH severity · CVSS 10
10CVSS HIGH
Summary
Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)53%
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://marc.info/?l=bugtraq&m=99496431214078&w=2
- http://www.ciac.org/ciac/bulletins/l-113.shtml
- http://www.kb.cert.org/vuls/id/131569
- http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0107&L=ntbugtraq&F=P&S=&P=862
- http://www.securityfocus.com/bid/3025
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6831