CVE-2000-0036
CVSS 2.0 Score 5 of 10 (medium)
Details
Summary
CVE-2000-0036, also known as the "HTML Mail Attachment" vulnerability, affects Outlook Express 5 for Macintosh. This issue permits the automatic downloading of email attachments without user consent when viewing HTML emails. Malicious actors could exploit this vulnerability by sending specially crafted emails with malicious attachments, potentially leading to the installation of malware on the victim's system. The lack of user prompting significantly increases the risk of successful attacks. Users are advised to update their Outlook Express software or consider using alternative email clients with enhanced security features.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Microsoft Internet Explorer
- Microsoft Outlook Express
Affected Vendors
- Microsoft