What is CVE-2008-5424?

CVE-2008-5424 is a vulnerability in Microsoft Outlook_express, classified under CWE-399. Published 2008-12-11.

Is CVE-2008-5424 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Outlook_express

CVE-2008-5424

The MimeOleClearDirtyTree function in InetComm.dll in Microsoft Outlook Express 6.00.2900.5512 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: mess…

EPSS: 0.123 (95.7th percentile) — read the EPSS interpretation.

Affected products

Microsoft Outlook_express — versions 6.00.2900.5512
N/a — versions n/a

Weakness classification (CWE)

CWE-399

Public proof-of-concept exploits

References

cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (x_refsource_SREASON, third-party-advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2008-5424?: CVE-2008-5424 is a vulnerability in Microsoft Outlook_express, classified under CWE-399. Published 2008-12-11.
Is CVE-2008-5424 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.