VCard Security Hole under Outlook/Outlook Express

From: Joseph S. Barrera III (joe@barrera.org)
Date: Fri Feb 23 2001 - 15:53:19 PST


It just goes on and on, doesn't it?

> From: Megan Holbrook <meganwh@mediaone.net>
> To: web405@southland.net
> Subject: [Web405] VCard Security Hole
>
> Another Microsoft security issue for Outlook/Outlook Express users:
>
> "Security consultancy and researcher @Stake Inc. has discovered a
> security flaw in Microsoft's ubiquitous Outlook and Outlook Express
> e-mail applications.
>
> The vulnerability concerns the use of Outlook's vCards, or virtual
> business cards, that can fall victim to a buffer overflow attack or
> contain code that can attack a user's system. VCards can be created with
> malicious code that can either cause Outlook to crash, or even allow the
> e-mail application to run damaging code on a targeted victim's system.
>
> In Microsoft Security Bulletin MS01-012, posted Thursday, Microsoft
> admitted that the flaw is potentially devastating. "
>
> More at http://www.techweb.com/wire/story/TWB20010223S0009



This archive was generated by hypermail 2b29 : Fri Apr 27 2001 - 23:18:26 PDT