Outlook 2002 Argument Injection Vulnerability

Outlook 2002 Argument Injection Vulnerability

CVE-2004-0121 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs.

Learn more about our Web Application Penetration Testing UK.