Microsoft Outlook Express 5.0版本、5.5版本和6.0版本存在缓冲区溢出漏洞。远程攻击者可以借助超长连接导致服务拒绝（崩溃）。
Microsoft has reportedly stated that this vulnerability will be eliminated in MSIE 6 SP1. Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org .
Alleged Outlook Express 5/6 Link Denial of Service Vulnerability (EDBID:21789)
Reportedly, when decoding a HTML email, Outlook Express will stop responding upon encountering a <A HREF> link longer than 4095 characters. It is not confirmed why this behaviour occurs.