CVE-2006-0002

high Microsoft
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
32.8%
Exploitation probability in 30 days
Top 3% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: January 10, 2006 (7428 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation.

CWE

NVD-CWE-noinfo

Affected Products

microsoft exchange servermicrosoft officemicrosoft outlook

References

🔗 secunia.com 🔗 securityreason.com 🔗 securityreason.com 🔗 securitytracker.com 🔗 securitytracker.com