Vulnerability Details : CVE-2004-0503
Potential exploit
Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format (RTF) message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to unprompted installation of an executable when exploited in conjunction with predictable-file-location exposures such as CVE-2004-0502.
Products affected by CVE-2004-0503
- cpe:2.3:a:microsoft:outlook:2003:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-0503
32.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-0503
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2004-0503
-
http://marc.info/?l=bugtraq&m=108483193328605&w=2
-
http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0885.html
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/16173
Microsoft Outlook 2003 OLE object bypass restricted security zone CVE-2004-0503 Vulnerability Report
-
http://www.securityfocus.com/bid/10369
Exploit;Patch;Vendor Advisory
-
http://secunia.com/advisories/11629
About Secunia Research | Flexera
-
http://www.osvdb.org/6217
Jump to