CVE Database · CVE-2003-1378
CVSS v3.1
N/A
EPSS
15.58%
Published
Dec 31, 2003
Modified
Apr 15, 2026
Public PoC / Exploit (2)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077.
Weaknesses (CWE)
Affected Products (4)
References (8)
