CVE-2004-2482 - Ungotten Knob

Description

Microsoft Outlook 2000 and 2003 when configured to use Microsoft Word 2000 or 2003 as the e-mail editor and when forwarding e-mail does not properly handle an opening OBJECT tag that does not have a closing OBJECT tag which causes Outlook to automatically download the URI in the data property of the OBJECT tag and might allow remote attackers to execute arbitrary code.

Reference

http://www.securityfocus.com/archive/1/368492 http://www.securityfocus.com/bid/10683 http://www.osvdb.org/7769 http://secunia.com/advisories/12041 https://exchange.xforce.ibmcloud.com/vulnerabilities/16663