CVE-2004-0501 Information

Description

Outlook 2003 allows remote attackers to bypass intended access restrictions and cause Outlook to request a URL from a remote site via an HTML e-mail message containing a Vector Markup Language (VML) entity whose src parameter points to the remote site which could allow remote attackers to know when a message has been read verify valid e-mail addresses and possibly leak other information.

Reference

http://marc.info/?l=bugtraq&m=108430168919965&w=2 http://marc.info/?l=bugtraq&m=108637351805607&w=2 http://marc.info/?l=ntbugtraq&m=108644231209698&w=2 http://www.securityfocus.com/bid/10323 https://exchange.xforce.ibmcloud.com/vulnerabilities/16116