CVE-2004-2482

medium Microsoft
CVSS v3 Base Score
5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS Score
21.4%
Exploitation probability in 30 days
Top 4% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
P
Availability
None
Published: December 31, 2004 (7804 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word 2000 or 2003 as the e-mail editor and when forwarding e-mail, does not properly handle an opening OBJECT tag that does not have a closing OBJECT tag, which causes Outlook to automatically download the URI in the data property of the OBJECT tag and might allow remote attackers to execute arbitrary code.

CWE

NVD-CWE-Other

Affected Products

microsoft outlook

References

🔗 secunia.com 🔗 www.osvdb.org 🔗 www.securityfocus.com 🔗 www.securityfocus.com 🔗 exchange.xforce.ibmcloud.com