Microsoft Outlook Express S/MIME Buffer Overflow Vulnerability
High Nessus Network Monitor Plugin ID 1291
SynopsisThe remote host is vulnerable to a buffer overflow
DescriptionThe remote host is running a version of Outlook Express that contains an unchecked buffer in the code that generates warning messages when certain error conditions associated with digital signatures are encountered. Execution of arbitrary code in the security context of the current user is possible.
SolutionMicrosoft has supplied a patch for 5.5 and 6.0 that may be downloaded from their webpage.