CVE-2004-0284

Published: Nov 23, 2004Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Microsoft Internet Explorer 6.0, Outlook 2002, and Outlook 2003 allow remote attackers to cause a denial of service (CPU consumption), if "Do not save encrypted pages to disk" is disabled, via a web site or HTML e-mail that contains two null characters (%00) after the host name.

Affected (6)

Products: Microsoft: Ie, Internet Explorer, Outlook

Microsoft

3 products

Internet Explorer

Outlook

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Microsoft Ie	Version 6.0 sp1
Microsoft Internet Explorer	Version 6.0
Microsoft Outlook	Version 2002
Microsoft Outlook	Version 2002 sp1
Microsoft Outlook	Version 2002 sp2
Microsoft Outlook	Version 2003

References (6)

http://marc.info/?l=bugtraq&m=107643134712133&w=2

Source: cve@mitre.org

http://www.securityfocus.com/bid/9629

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15127

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=107643134712133&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/9629

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15127

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.