CVE-2004-0503

Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format (RTF) message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to unprompted installation of an executable when exploited in conjunction with predictable-file-location exposures such as CVE-2004-0502.

Publication date: Wed, 18 Aug 2004 09:00:00 +0000

Cyber News related to CVE-2004-0503

CVE-2004-0503 - Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format (RTF) message containing an OLE object for the Windows Media Player, which bypasses Media Player's ...
7 years ago

CVE-2004-1159 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-1122, CVE-2004-1314. Reason: this was an out-of-band assignment duplicate intended for one issue, but the description and references inadvertently combined multiple issues. ...
54 years ago Tenable.com

CVE-2004-0868 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0866. Reason: This candidate is a duplicate of CVE-2004-0866. Notes: The description for CVE-2004-0866 was inadvertently attached to this issue instead. All CVE users should ...
54 years ago Tenable.com

CVE-2016-0503 - Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0504. ...
6 years ago

CVE-2016-0504 - Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0503. ...
6 years ago

CVE-2020-0503 - Improper access control in Intel(R) Graphics Drivers before version 26.20.100.7212 may allow an authenticated user to potentially enable information disclosure via local access. ...
2 years ago

CVE-2002-0503 - Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the NFuse_Template parameter. ...
16 years ago

CVE-2005-0503 - uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges. ...
16 years ago

CVE-2010-0503 - Use-after-free vulnerability in iChat Server in Apple Mac OS X Server 10.5.8 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. Per: ...
14 years ago

CVE-2003-0503 - Buffer overflow in the ShellExecute API function of SHELL32.DLL in Windows 2000 before SP4 may allow attackers to cause a denial of service or execute arbitrary code via a long third argument. ...
8 years ago

CVE-2015-0503 - Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition. ...
7 years ago

CVE-2006-0503 - IMAP service in MailEnable Professional Edition before 1.72 allows remote attackers to cause a denial of service (service crash) via unspecified vectors involving the EXAMINE command. ...
7 years ago

CVE-2009-0503 - IBM WebSphere Message Broker 6.1.x before 6.1.0.2 writes a database connection password to the Event Log and System Log during exception handling for a JDBC error, which allows local users to obtain sensitive information by reading these logs. ...
7 years ago

CVE-2013-0503 - Cross-site scripting (XSS) vulnerability in the Bookmarks component in IBM Lotus Connections before 4.0 CR3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. ...
7 years ago

CVE-2008-0503 - Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter. ...
7 years ago

CVE-2011-0503 - Cross-site request forgery (CSRF) vulnerability in VaM Shop 1.6, 1.6.1, and probably earlier versions allows remote attackers to hijack the authentication of administrators for requests that (1) change user status via admin/customers.php or (2) ...
6 years ago

CVE-2001-0503 - Microsoft NetMeeting 3.01 with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service via a malformed string to the NetMeeting service port, aka a variant of the "NetMeeting Desktop Sharing" vulnerability. ...
6 years ago

CVE-2007-0503 - Unspecified vulnerability in kcms_calibrate in Sun Solaris 8 and 9 before 20071122 allows local users to execute arbitrary commands via unknown vectors. ...
6 years ago

CVE-2014-0503 - Adobe Flash Player before 11.7.700.272 and 11.8.x through 12.0.x before 12.0.0.77 on Windows and OS X, and before 11.2.202.346 on Linux, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. ...
5 years ago

CVE-2017-0503 - An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context ...
5 years ago

CVE-2018-0503 - Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'. ...
5 years ago

CVE-2000-0503 - The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event. ...
3 years ago

CVE-2012-0503 - Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows remote untrusted Java Web Start applications and ...
2 years ago

CVE-1999-0503 - A Windows NT local user or administrator account has a guessable password. ...
2 years ago

CVE-2023-0503 - The Free WooCommerce Theme 99fy Extension WordPress plugin before 1.2.8 does not have CSRF check when activating plugins, which could allow attackers to make logged in admins activate arbitrary plugins present on the blog via a CSRF attack ...
1 year ago

Latest Cyber News

CVE-2024-10146 - 10 hours ago
CVE-2024-9186 - 10 hours ago
CVE-2023-34049 - 11 hours ago
CVE-2024-5082 - 13 hours ago
CVE-2024-5083 - 14 hours ago
CVE-2024-40408 - 17 hours ago
CVE-2024-40410 - 17 hours ago
CVE-2024-40404 - 17 hours ago
CVE-2024-40405 - 17 hours ago
CVE-2024-40407 - 17 hours ago
CVE-2024-50955 - 18 hours ago
CVE-2024-50956 - 18 hours ago
CVE-2024-51027 - 18 hours ago
CVE-2024-45878 - 19 hours ago
CVE-2024-45879 - 19 hours ago
CVE-2024-52549 - 19 hours ago
CVE-2024-52550 - 19 hours ago
CVE-2024-52551 - 19 hours ago
CVE-2024-52552 - 19 hours ago
CVE-2024-52553 - 19 hours ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-10877 - 1 day ago
CVE-2024-9059 - 1 day ago
CVE-2024-9668 - 1 day ago
CVE-2024-9682 - 1 day ago
CVE-2024-11028 - 1 day ago
CVE-2024-8001 - 1 day ago
CVE-2024-11159 - 1 day ago
CVE-2024-48989 - 1 day ago
CVE-2024-11165 - 1 day ago
CVE-2024-48510 - 1 day ago
CVE-2024-48900 - 1 day ago
CVE-2024-49504 - 1 day ago
CVE-2024-49505 - 1 day ago
CVE-2024-49506 - 1 day ago
CVE-2024-50852 - 1 day ago
CVE-2024-50853 - 1 day ago
CVE-2024-50854 - 1 day ago
CVE-2024-9477 - 1 day ago
CVE-2024-10012 - 1 day ago
CVE-2024-10013 - 1 day ago