Microsoft Windows Vista Windows Mail Local File Execution Vulnerability
BID:23103
Info
| Bugtraq ID: | 23103 |
| Class: | Design Error |
| CVE: | CVE-2007-1658 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 23 2007 12:00AM |
| Updated: | Jun 14 2007 04:09PM |
| Credit: | Kingcope is credited with the discovery of this issue. |
| Vulnerable: | Microsoft Windows Vista Ultimate; Microsoft Windows Vista Home Premium; Microsoft Windows Vista Home Basic; Microsoft Windows Vista Enterprise; Microsoft Windows Vista Business; Microsoft Windows Mail 0 |
| Not Vulnerable: | |
Discussion
Microsoft Windows Vista Windows Mail is prone to a local file-execution vulnerability due to a design error.
An attacker may exploit this issue to execute local files. The attacker must entice a victim into opening a maliciously crafted link using the affected application.
The vendor reports this issue can also be exploited through use of UNC navigation to execute arbitrary remote code. This may facilitate a remote compromise of the affected computer.
Exploit / POC
To exploit this issue, an attacker must entice an unsuspecting user to click a malicious link using the vulnerable application.
The following links may be included in an HTML email as an example to trigger this issue:
The following example will execute the 'winrm.cmd' tool:
Solution / Fix
Solution:
The vendor has released an advisory to address this issue in supported versions of affected applications. Please see the referenced advisory for details on obtaining and applying the appropriate updates.
Microsoft Windows Mail 0
- Microsoft Cumulative Security Update for Outlook Express for Windows Vista (KB929123)
  Windows Vista
  http://www.microsoft.com/downloads/details.aspx?FamilyId=ee57de19-44ea-48f2-ae28-e76fd2018633&displaylang=en
- Microsoft Cumulative Security Update for Outlook Express for Windows Vista for x64-based Systems (KB929123)
  Windows Vista x64 Edition
  http://www.microsoft.com/downloads/details.aspx?FamilyId=343db20f-7794-4423-b11d-885329fbdf78&displaylang=en
References
References:
- Windows Mail Product Page (Microsoft Corporation)
- Microsoft Security Bulletin MS07-034 - Critical (Microsoft)