Alnini.comUtilities » Security & Encryption » Microsoft Outlook Malformed vCard Vulnerability Patch
  

Microsoft Outlook Malformed vCard Vulnerability Patch MS01-012 (2/22/01)


Outlook Express provides several components that are used by it and, if installed on the machine, Outlook. One such component, used to process vCards, contains an unchecked buffer. By creating a vCard and editing it to contain specially chosen data, then sending it to another user, an attacker could cause either of two effects to occur if the recipient opened it. In the less serious case, the attacker could cause the mail client to fail. If this happened, the recipient could resume normal operation by restarting the mail client and deleting the offending mail. In the more serious case, attackers could cause the mail client to the run code of their choice on the user's machine. Such code could take any desired action, limited only by the permissions of the recipient on the machine. Because the component that contains the flaw ships as part of Outlook Express (OE), which itself ships as part of Internet Explorer, the patch is specified in terms of the version of IE rather than OE or Outlook. There is no means by which a vCard could be made to open automatically, so the attacker would need to entice the recipient into opening the mail, then opening the vCard. As always, best practices recommend against opening untrusted e-mail attachments.

Publisher:

File size:

343KB

Date added:

03/04/2001

Licence:

Free

Requirements:

Windows 95/98/NT/2000/XP, Microsoft Outlook 98, 2000, or Outlook Express 5.x

Un/Install:

No

Downloads:

1,684

Download Now!

See Also

Folder Lock 4.375

Lock, hide, and password-protect personal files, folders, and pictures from other users of your PC.

Primedius Firewall Lite 1.62

Prevent intrusions into your PC by hackers, spyware, and adware.

Real Spy Monitor 2.07

Monitor all keystrokes, programs used, and Web sites visited on a PC.

Partners
• 

RSS | FAQ |

Links | Maestro

Copyright © 2004-2023 Alnini, Inc. All Rights Reserved. Privacy Policy | Terms of UseGeneration time: 0.02 | SQL queries: 8