Makki
Posted December 4, 2002

- ----------------------------------------------------------------------
Title: E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail (331866)
Date: 04 December 2002
Software: Microsoft Outlook 2002
Impact: Denial of Service
Max Risk: Moderate
Bulletin: MS02-067

Microsoft encourages customers to review the Security Bulletins at:
http://www.microsoft.com/technet/security/...in/MS02-067.asp
http://www.microsoft.com/security/security...ns/MS02-067.asp
- ----------------------------------------------------------------------

Issue:
======
Microsoft Outlook provides users with the ability to work with e-mail, contacts, tasks, and appointments. Outlook e-mail handling includes receiving, displaying, creating, editing, sending, and organizing e-mail messages. When working with received e-mail messages, Outlook processes information contained in the header of the e-mail which carries information about where the e-mail came from, its destination, and attributes of the message.

A vulnerability exists in Outlook 2002 in its processing of e-mail header information. An attacker who successfully exploited the vulnerability could send a specially malformed e-mail to a user of Outlook 2002 that would cause the Outlook client to fail under certain circumstances. The Outlook 2002 client would continue to fail so long as the specially malformed e-mail message remained on the e-mail server. The e-mail message could be deleted by an e-mail administrator, or by the user via another e-mail client such as Outlook Web Access or Outlook Express, after which point the Outlook 2002 client would again function normally.

Mitigating Factors:
====================
- Outlook 2002 clients connecting to e-mail servers using the MAPI protocol are not affected. Only Outlook 2002 clients using POP3, IMAP, or WebDAV protocols are vulnerable.
- The vulnerability does not affect Outlook 2000 or Outlook Express.
- The vulnerability is a denial of service vulnerability only. The attacker would not be able to access the user's e-mail or system in any way. The vulnerability could not be used to read, delete, create, or alter the user's e-mail.
- If an attacker was able to send a specially malformed e-mail that successfully exploited this vulnerability, the specially malformed e-mail could be deleted either by an e-mail administrator, or by the user via another e-mail client such as Outlook Web Access or Outlook Express. Once the specially malformed e-mail has been removed, normal operation would resume.

Risk Rating:
============
- Moderate

Patch Availability:
===================
- A patch is available to fix this vulnerability. Please read the Security Bulletin at http://www.microsoft.com/technet/security/...in/ms02-067.asp for information on obtaining this patch.