Oval Definition:	oval:org.mitre.oval:def:843
Revision Date: 2012-06-04 Version: 6 Title: MS Outlook Argument Injection Local Vulnerability Description: Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0121 Platform(s): Microsoft Windows 95 Product(s): Microsoft Outlook Definition Synopsis Outlook 2002 is installed AND the version of outlook.exe is less than 10.00.5709.0000 AND NOT the patch kb828040 is installed AND NOT Microsoft Office XP Service Pack 3 is installed
BACK