Microsoft Outlook '.iCal', '.oss', and SMTP Header Bugs Let Remote Users Execute Arbitrary Code or Deny Service
SecurityTracker Alert ID: 1017488 |
SecurityTracker URL: http://securitytracker.com/id/1017488
CVE Reference:
CVE-2006-1305, CVE-2007-0033, CVE-2007-0034
Date: Jan 9 2007
Impact:
Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 2000, 2002, 2003
Description:
Several vulnerabilities were reported in Microsoft Outlook. A remote user can execute arbitrary code on the target user's system. A remote user can cause denial of service conditions.
A remote user can send a '.iCal' meeting request with a specially crafted VEVENT record that, when received by the target user, will trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the target user.
A remote user can send a specially crafted Office Saved Searches (.oss) file that, when received by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.
A remote user can send an e-mail with a specially crafted e-mail header to cause the target user's client to crash.
Microsoft Office Outlook 2007 is not affected.
Microsoft credits Lurene Grenier of Sourcefire with reporting the VEVENT vulnerability and Stuart Pearson of Computer Terrorism with reporting the Advanced Find vulnerability.
Microsoft indicates that the denial of service vulnerability had already been publicly reported.
Impact:
A remote user can send a message that will execute arbitrary code on the target user's system.
A remote user can cause the target user's client to crash.
Solution:
The vendor has issued the following fixes:
Microsoft Outlook 2000:
http://www.microsoft.com/downloads/details.aspx?FamilyId=97CE0B32-C6AF-4C6C-ABF1-838ED89062EB
Microsoft Outlook 2002:
http://www.microsoft.com/downloads/details.aspx?FamilyId=1D1991C5-3DE3-4258-9120-058FFD62B4F5
Microsoft Outlook 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=9E4DD8AE-2564-4176-AC2E-E3760058CB56
The Microsoft advisory is available at:
http://www.microsoft.com/technet/security/bulletin/ms07-003.mspx
Vendor URL: www.microsoft.com/technet/security/bulletin/ms07-003.mspx
Cause:
Boundary error, Input validation error
Underlying OS: Windows (2000), Windows (2003), Windows (XP)