CVE-2004-0502 (GCVE-0-2004-0502)

Vulnerability from cvelistv5 – Published: 2004-06-03 04:00 – Updated: 2024-08-08 00:17
VLAI?
Summary
Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the "src" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://secunia.com/advisories/11572 third-party-advisoryx_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=108637351805607&w=2 mailing-listx_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=108420583612655&w=2 mailing-listx_refsource_BUGTRAQ
http://marc.info/?l=ntbugtraq&m=108644231209698&w=2 mailing-listx_refsource_NTBUGTRAQ
http://www.securityfocus.com/bid/10307 vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:17:15.093Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "11572",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/11572"
          },
          {
            "name": "20040604 RE: PING: Outlook 2003 Spam",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108637351805607\u0026w=2"
          },
          {
            "name": "20040509 OUTLOOK 2003: OuchLook",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108420583612655\u0026w=2"
          },
          {
            "name": "20040604 RE: PING: Outlook 2003 Spam",
            "tags": [
              "mailing-list",
              "x_refsource_NTBUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=ntbugtraq\u0026m=108644231209698\u0026w=2"
          },
          {
            "name": "10307",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10307"
          },
          {
            "name": "outlook-file-location-predictable(16104)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16104"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-05-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the \"src\" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "11572",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/11572"
        },
        {
          "name": "20040604 RE: PING: Outlook 2003 Spam",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108637351805607\u0026w=2"
        },
        {
          "name": "20040509 OUTLOOK 2003: OuchLook",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108420583612655\u0026w=2"
        },
        {
          "name": "20040604 RE: PING: Outlook 2003 Spam",
          "tags": [
            "mailing-list",
            "x_refsource_NTBUGTRAQ"
          ],
          "url": "http://marc.info/?l=ntbugtraq\u0026m=108644231209698\u0026w=2"
        },
        {
          "name": "10307",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10307"
        },
        {
          "name": "outlook-file-location-predictable(16104)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16104"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0502",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the \"src\" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "11572",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/11572"
            },
            {
              "name": "20040604 RE: PING: Outlook 2003 Spam",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108637351805607\u0026w=2"
            },
            {
              "name": "20040509 OUTLOOK 2003: OuchLook",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108420583612655\u0026w=2"
            },
            {
              "name": "20040604 RE: PING: Outlook 2003 Spam",
              "refsource": "NTBUGTRAQ",
              "url": "http://marc.info/?l=ntbugtraq\u0026m=108644231209698\u0026w=2"
            },
            {
              "name": "10307",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10307"
            },
            {
              "name": "outlook-file-location-predictable(16104)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16104"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0502",
    "datePublished": "2004-06-03T04:00:00",
    "dateReserved": "2004-05-27T00:00:00",
    "dateUpdated": "2024-08-08T00:17:15.093Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3189982-F780-4AC2-9663-E6D4DF9DD319\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the \\\"src\\\" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI.\"}, {\"lang\": \"es\", \"value\": \"Outlook 2003, cuando se responde a un mensaje de correo electr\\u00f3nico, almacena ciertos ficheros en una situaci\\u00f3n predecible para la fuente de una imagen (etiqueta HTML img) del mensaje original, lo que permite a atacantes remotos saltarse restricciones de zonas y explotar otros cosas que dependen de localizaciones impredecibles, como se ha demostrado usando una URI shell:\"}]",
      "id": "CVE-2004-0502",
      "lastModified": "2024-11-20T23:48:44.007",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2004-08-18T04:00:00.000",
      "references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=108420583612655\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=108637351805607\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=ntbugtraq\u0026m=108644231209698\u0026w=2\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/11572\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/10307\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/16104\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=108420583612655\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=108637351805607\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://marc.info/?l=ntbugtraq\u0026m=108644231209698\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/11572\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/10307\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/16104\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2004-0502\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2004-08-18T04:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Outlook 2003, when replying to an e-mail message, stores certain files in a predictable location for the \\\"src\\\" of an img tag of the original message, which allows remote attackers to bypass zone restrictions and exploit other issues that rely on predictable locations, as demonstrated using a shell: URI.\"},{\"lang\":\"es\",\"value\":\"Outlook 2003, cuando se responde a un mensaje de correo electr\u00f3nico, almacena ciertos ficheros en una situaci\u00f3n predecible para la fuente de una imagen (etiqueta HTML img) del mensaje original, lo que permite a atacantes remotos saltarse restricciones de zonas y explotar otros cosas que dependen de localizaciones impredecibles, como se ha demostrado usando una URI shell:\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3189982-F780-4AC2-9663-E6D4DF9DD319\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108420583612655\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108637351805607\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=ntbugtraq\u0026m=108644231209698\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/11572\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/10307\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/16104\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108420583612655\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=108637351805607\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=ntbugtraq\u0026m=108644231209698\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/11572\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/10307\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/16104\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.