Microsoft Outlook Express 5.5 - Denial of Service Device Denial of Service

EDB-ID:

21419

CVE:



Author:

ERRor

Type:

dos


Platform:

Windows

Date:

2002-04-24


source: https://www.securityfocus.com/bid/4584/info

A denial of service issue has been reported in Microsoft Outlook Express.

Reportedly, Outlook Express does not adequately handle unusually crafted HTML mail messages. Modifying the BGSOUND or IFRAME tag to contain a URL pointing to a DOS device, could cause Outlook Express to stop responding.

Under certain circumtances this issue may cause the system to consume CPU time.

Varying results have been reported when data is sent directly to a device, such as a denial of service, hardware failure, information disclosure or unauthorized device access.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21419-1.eml

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21419-2.eml