Microsoft Outlook / Exchange TNEF Decoding Arbitrary Code Execution

high Nessus Network Monitor Plugin ID 3365

Synopsis

Arbitrary code can be executed on the remote host through the email client or the email server.

Description

Arbitrary code can be executed on the remote host through the email client or the email server. The remote host is running a version of Outlook that is vulnerable to a bug in the Transport Neutral Encapsulation Format (TNEF) MIME attachment handling routine, which may allow an attacker to execute arbitrary code on the remote host by sending a specially crafted email.

Solution

Microsoft has released a set of patches for Office 2000, 2002, XP, and 2003.

See Also

http://www.microsoft.com/technet/security/bulletin/ms06-003.mspx

Plugin Details

Severity: High

ID: 3365

Family: SMTP Clients

Published: 1/12/2006

Updated: 3/6/2019

Nessus ID: 20390

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 6.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:microsoft:outlook

Reference Information

CVE: CVE-2006-0002

BID: 16197