TITLE:
Outlook Express Windows Address Book File Vulnerability
SECUNIA ADVISORY ID:
SA19617
VERIFY ADVISORY:
http://secunia.com/advisories/19617/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
Microsoft Outlook Express 6
http://secunia.com/product/102/
Microsoft Outlook Express 5.5
http://secunia.com/product/189/
DESCRIPTION:
A vulnerability has been reported in Microsoft Outlook Express, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by a boundary error when parsing Windows Address Book (.wab) files. This can be exploited to cause a buffer overflow if a user is tricked into opening a specially crafted .wab file.
Successful exploitation allows execution of arbitrary code.
SOLUTION:
Apply patches.
Outlook Express 6 on Windows Server 2003 and Windows Server 2003 SP1:
http://www.microsoft.com/downloads/details.aspx?FamilyId=484DE679-5505-4196-BDD8-F7CF325AF0F5
Outlook Express 6 on Windows Server 2003 x64 Edition:
http://www.microsoft.com/downloads/details.aspx?FamilyId=A7B10D8F-D9D7-4423-AA6D-C1C41D23794E
Outlook Express 6 on Windows Server 2003 on Itanium-based systems and Windows Server 2003 with SP1 for Itanium-based systems:
http://www.microsoft.com/downloads/details.aspx?familyid=800BF687-BEE5-478F-A025-43CD16682F31
Outlook Express 6 on Windows XP SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=0DD827BC-6FA1-405A-933E-FB422A4E8096
Outlook Express 6 on Windows XP Professional x64 Edition:
http://www.microsoft.com/downloads/details.aspx?familyid=FF772C0B-6F98-449D-B02E-C9C236068172
Outlook Express 6 SP1 on Windows XP SP1 or Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=CDA93501-99CB-4F28-BB73-6438CAD081DB
Outlook Express 5.5 SP2 on Windows 2000 SP4:
http://www.microsoft.com/downloads/details.aspx?FamilyId=E61A3D64-14FD-4976-BB03-C31CA6EE61E2
ORIGINAL ADVISORY:
MS06-016 (KB911567):
http://www.microsoft.com/technet/security/Bulletin/MS06-016.mspx