RETIRED: Microsoft Windows Outlook Express and Windows Mail Integer Overflow Vulnerability
BID:40052
Info
RETIRED: Microsoft Windows Outlook Express and Windows Mail Integer Overflow Vulnerability
| Bugtraq ID: | 40052 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 11 2010 12:00AM |
| Updated: | May 11 2010 06:52PM |
| Credit: | Francis Provencher (Protek Research Lab's) |
| Vulnerable: |
Microsoft Windows Mail 0 Microsoft Outlook Express 6.0 SP2 Microsoft Outlook Express 6.0 SP1 Microsoft Outlook Express 6.0 |
| Not Vulnerable: | |
Discussion
RETIRED: Microsoft Windows Outlook Express and Windows Mail Integer Overflow Vulnerability
Microsoft Windows Outlook Express and Windows Mail are prone to an integer-overflow vulnerability.
Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in denial-of-service conditions.
This BID is being retired as a duplicate of BID 39927 (Microsoft Outlook Express And Windows Mail Common Library Integer Overflow Vulnerability).
Microsoft Windows Outlook Express and Windows Mail are prone to an integer-overflow vulnerability.
Successful exploits may allow an attacker to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will result in denial-of-service conditions.
This BID is being retired as a duplicate of BID 39927 (Microsoft Outlook Express And Windows Mail Common Library Integer Overflow Vulnerability).
Exploit / POC
RETIRED: Microsoft Windows Outlook Express and Windows Mail Integer Overflow Vulnerability
The following proof-of-concept is available:
The following proof-of-concept is available:
Solution / Fix
RETIRED: Microsoft Windows Outlook Express and Windows Mail Integer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of any more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of any more recent information, please mail us at: [email protected].
References
RETIRED: Microsoft Windows Outlook Express and Windows Mail Integer Overflow Vulnerability
References:
References:
- Microsoft Outlook Express and Windows Mail Integer Overflow (Protek Research Lab's)
- Microsoft Outlook Express Homepage (Microsoft)
- Windows Mail Product Page (Microsoft Corporation)