CVE-2002-0285

CVE Database · CVE-2002-0285

CVE-2002-0285

· N/AModified

CVSS v3.1

N/A

EPSS

12.32%

Published

May 31, 2002

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers.

Affected Products (2)

microsoft · outlook_expressvulnerable

References (6)

http://marc.info/?l=bugtraq&m=101362077701164&w=2

http://www.iss.net/security_center/static/8198.php

http://www.securityfocus.com/bid/4092

http://marc.info/?l=bugtraq&m=101362077701164&w=2

http://www.iss.net/security_center/static/8198.php

http://www.securityfocus.com/bid/4092

KEV Catalog EPSS Scores Vendors All CVEs