Question 1

What is CVE-2003-1378?

Accepted Answer

CVE-2003-1378 is a high-severity software vulnerability (CWE-264) with a CVSS score of 8.8. Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to

Question 2

Is CVE-2003-1378 being actively exploited?

Accepted Answer

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 16%.

Question 3

What products does CVE-2003-1378 affect?

Accepted Answer

Tracked products affected include Outlook. Check the version you run to see whether it is affected.

Question 4

How do I fix CVE-2003-1378?

Accepted Answer

Apply the vendor fix promptly. Upgrade affected products to a fixed version.

CVE-2003-1378

Summary

Impact & exploitability

Affected products we track (1)

Recommendation

Additional information