This script is Copyright (C) 2005-2017 Tenable Network Security, Inc.
A flaw in the Microsoft Collaboration Data Object could allow an
attacker to execute arbitrary code on the remote host.
An unchecked buffer condition could allow an attacker to execute
arbitrary code on the remote host.
To execute this flaw, an attacker would need to send a malformed message
via SMTP to the remote host, either by using the SMTP server (if
Exchange is installed) or by sending an email to a user on the remote
When the email is processed by CDO, an unchecked buffer may allow cause
See also :
Microsoft has released a set of patches for Windows 2000, XP and
Risk factor :
High / CVSS Base Score : 7.6
CVSS Temporal Score : 6.3
Public Exploit Available : true