Microsoft Outlook '.iCal', '.oss', and SMTP Header Bugs Let Remote Users Execute Arbitrary Code or Deny Service - SecurityTracker

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Category: Application (E-mail Client) > Microsoft Outlook

Vendors: Microsoft

Microsoft Outlook '.iCal', '.oss', and SMTP Header Bugs Let Remote Users Execute Arbitrary Code or Deny Service

SecurityTracker Alert ID: 1017488

SecurityTracker URL: http://securitytracker.com/id/1017488

CVE Reference: CVE-2006-1305, CVE-2007-0033, CVE-2007-0034 (Links to External Site)

Date: Jan 9 2007

Impact: Denial of service via network, Execution of arbitrary code via network, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 2000, 2002, 2003

Description: Several vulnerabilities were reported in Microsoft Outlook. A remote user can execute arbitrary code on the target user's system. A remote user can cause denial of service conditions.

A remote user can send a '.iCal' meeting request with a specially crafted VEVENT record that, when received by the target user, will trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the target user.

A remote user can send a specially crafted Office Saved Searches (.oss) file that, when received by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

A remote user can send an e-mail with a specially crafted e-mail header to cause the target user's client to crash.

Microsoft Office Outlook 2007 is not affected.

Microsoft credits Lurene Grenier of Sourcefire with reporting the VEVENT vulnerability and Stuart Pearson of Computer Terrorism with reporting the Advanced Find vulnerability.

Microsoft indicates that the denial of service vulnerability had already been publicly reported.

Impact: A remote user can send a message that will execute arbitrary code on the target user's system.

A remote user can cause the target user's client to crash.

Solution: The vendor has issued the following fixes:

Microsoft Outlook 2000:

http://www.microsoft.com/downloads/details.aspx?FamilyId=97CE0B32-C6AF-4C6C-ABF1-838ED89062EB

Microsoft Outlook 2002:

http://www.microsoft.com/downloads/details.aspx?FamilyId=1D1991C5-3DE3-4258-9120-058FFD62B4F5

Microsoft Outlook 2003:

http://www.microsoft.com/downloads/details.aspx?FamilyId=9E4DD8AE-2564-4176-AC2E-E3760058CB56

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms07-003.mspx

Vendor URL: www.microsoft.com/technet/security/bulletin/ms07-003.mspx (Links to External Site)

Cause: Boundary error, Input validation error

Underlying OS: Windows (2000), Windows (2003), Windows (XP)

Message History: None.

Source Message Contents


[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
This web site uses cookies for web analytics. Learn More
Copyright 2021, SecurityGlobal.net LLC