Microsoft Windows Mail — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Windows Mail, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2007-3897 — CVSS 9.3 (critical): Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer…
CVE-2010-0816 — CVSS 9.3 (critical): Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows…
CVE-2008-1448 — CVSS 7.1 (high): The MHTML protocol handler in a component of Microsoft Outlook Express 5.5 SP2 and 6 through SP1, and Windows Mail, does not assign the…
CVE-2018-8305 — CVSS 6.5 (medium): An information disclosure vulnerability exists in Windows Mail Client when a message is opened, aka "Windows Mail Client Information…
CVE-2007-2225 — CVSS 4.3 (medium): A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing…
CVE-2007-2227 — CVSS 4.3 (medium): The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition…