CVE-2003-0007

Published: Feb 7, 2003Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure."

Affected (3)

Products: Microsoft: Outlook

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Outlook	Version 2002
Microsoft Outlook	Version 2002 sp1
Microsoft Outlook	Version 2002 sp2

References (6)

http://www.securityfocus.com/bid/6667

Source: cve@mitre.org

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-003

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/11133

Source: cve@mitre.org

http://www.securityfocus.com/bid/6667

Source: af854a3a-2127-422b-91ae-364da2661108

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-003

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/11133

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.