CVE-2005-4840

CVE Database · CVE-2005-4840

CVE-2005-4840

· N/AModified

CVSS v3.1

N/A

EPSS

11.62%

Published

Dec 31, 2005

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Outlook Express Address Book control, when using Internet Explorer 6, allows remote attackers to cause a denial of service (NULL dereference and browser crash) by creating the OutlookExpress.AddressBook COM object, which is not intended for use within Internet Explorer.

Weaknesses (CWE)

CWE-119

Affected Products (2)

microsoft · outlook_express_book_controlvulnerable

microsoft · internet_explorer

References (10)

http://browserfun.blogspot.com/2006/07/mobb-3-outlookexpressaddressbook_02.html

http://www.osvdb.org/26836

http://www.securityfocus.com/archive/1/391803

http://www.securityfocus.com/archive/1/470694/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/34755

http://browserfun.blogspot.com/2006/07/mobb-3-outlookexpressaddressbook_02.html

http://www.osvdb.org/26836

http://www.securityfocus.com/archive/1/391803

http://www.securityfocus.com/archive/1/470694/100/0/threaded

https://exchange.xforce.ibmcloud.com/vulnerabilities/34755

KEV Catalog EPSS Scores Vendors All CVEs