← CVECheck
HomeVulnerabilities

CVE-2004-0121 — HIGH severity vulnerability (Argument injection vulnerability in Microsoft Outlook 2002 d)

Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs.

CVE IDCVE-2004-0121
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWECWE-88
StatusModified
Published2004-04-15
Last modified2026-04-16
DescriptionArgument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →