What is CVE-2005-2226?

CVE-2005-2226 is a vulnerability in Microsoft Outlook_express. Published 2005-07-12.

Is CVE-2005-2226 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Outlook_express

CVE-2005-2226

Microsoft Outlook Express 6.0 leaks the default news server account when a user responds to a "watched" conversation thread, which could allow remote attackers to obtain sensitive information.

EPSS: 0.134 (95.9th percentile) — read the EPSS interpretation.

Affected products

Microsoft Outlook_express — versions 6.0
N/a — versions n/a

Public proof-of-concept exploits

GuiMatosInfra/explorer2sectool
xaitax/SploitScan

References

cve@mitre.org (Patch, vdb-entry, x_refsource_BID)
cve@mitre.org (vendor-advisory, Patch, x_refsource_MSKB)

Frequently asked questions

What is CVE-2005-2226?: CVE-2005-2226 is a vulnerability in Microsoft Outlook_express. Published 2005-07-12.
Is CVE-2005-2226 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.