VULHUB ™

Microsoft Outlook Express is reported prone to a vulnerability that may allow unauthorized execution of script code. It is reported that Outlook Express filters user-supplied input such as script code in the in the 'window.document' object, however, fails to filter script code in any other components of the window object. This may aid in attacks that occur through HTML email. Microsoft Outlook Express version 6.0 is currently known to be vulnerable to this issue, however, it is possible that other versions are affected as well.

Microsoft Outlook Express is reported prone to a vulnerability that may allow unauthorized execution of script code. It is reported that Outlook Express filters user-supplied input such as script code in the in the 'window.document' object, however, fails to filter script code in any other components of the window object. This may aid in attacks that occur through HTML email. Microsoft Outlook Express version 6.0 is currently known to be vulnerable to this issue, however, it is possible that other versions are affected as well.