Microsoft Outlook / Exchange TNEF Decoding Arbitrary Code Execution

High Nessus Network Monitor Plugin ID 3365

Synopsis

Arbitrary code can be executed on the remote host through the email client or the email server.

Description

Arbitrary code can be executed on the remote host through the email client or the email server. The remote host is running a version of Outlook that is vulnerable to a bug in the Transport Neutral Encapsulation Format (TNEF) MIME attachment handling routine that may allow an attacker to execute arbitrary code on the remote host by sending a specially crafted email.

Solution

Microsoft has released a set of patches for Office 2000, 2002, XP, and 2003.

See Also

http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx

Plugin Details

Severity: High

ID: 3365

File Name: 3365.prm

Family: SMTP Clients

Published: 2006/01/12

Modified: 2016/01/15

Dependencies: 3366

Nessus ID: 20390

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:outlook

Reference Information

CVE: CVE-2006-0002

BID: 16197

OSVDB: 22305

IAVA: 2006-A-0003