CVE Database · CVE-2004-2694
CVSS v3.1
N/A
EPSS
8.56%
Published
Dec 31, 2004
Modified
Apr 15, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".
Weaknesses (CWE)
Affected Products (1)
References (6)
