Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Microsoft Outlook Remote Code Execution Vulnerability (949031)

Medium

Synopsis

Arbitrary code can be executed on the remote host through the email client.

Description

The remote host is running a version of Outlook or Exchange that is vulnerable to a bug when processing a specially malformed URI mailto: link, which can let an attacker execute arbitrary code on the remote host by sending a specially crafted email.

Solution

Microsoft has released a set of patches for Outlook 2000, XP, 2003 and 2007.