Overview
- Description
- Outlook Express 6.0, when sending multipart e-mail messages using the "Break apart messages larger than" setting, leaks the BCC recipients of the message to the addresses listed in the To and CC fields, which may allow remote attackers to obtain sensitive information.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:outlook_express:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85FD3557-956D-4A96-8AA5-5FD9DB87FD11"
},
{
"criteria": "cpe:2.3:a:microsoft:outlook_express:6.0:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D45F2775-A10B-4834-A2EF-7498EEAB155D"
}
],
"operator": "OR"
}
]
}
]