CVE Database · CVE-2010-0266
CVSS v3.1
N/A
EPSS
55.28%
Published
Jul 15, 2010
Modified
Apr 28, 2026
Public PoC / Exploit (3)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka "Microsoft Outlook SMB Attachment Vulnerability."
Weaknesses (CWE)
Affected Products (8)
References (6)
