- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24687
- Проверка EDB
-
- Пройдено
- Автор
- HTTP-EQUIV
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- null
- Дата публикации
- 2004-10-18
Microsoft Outlook Express 4.x/5.x/6.0 - Plaintext Email Security Policy Bypass
Код:
source: https://www.securityfocus.com/bid/11447/info
Microsoft Outlook Express is reported prone to a security policy bypass vulnerability.
The vulnerability presents itself if an attached image file is referenced using a specially crafted CID URI.
This will result in a policy bypass because the image will be automatically rendered when the email is viewed in Outlook Express.
<CENTER><IMG SRC="CID:{F69034DE-F779-4AA2-B5A9-
7413133C2A29}/malware.JPG"></CENTER>
- Источник
- www.exploit-db.com