VCard Security Hole under Outlook/Outlook Express

From: Joseph S. Barrera III (
Date: Fri Feb 23 2001 - 15:53:19 PST

It just goes on and on, doesn't it?

> From: Megan Holbrook <>
> To:
> Subject: [Web405] VCard Security Hole
> Another Microsoft security issue for Outlook/Outlook Express users:
> "Security consultancy and researcher @Stake Inc. has discovered a
> security flaw in Microsoft's ubiquitous Outlook and Outlook Express
> e-mail applications.
> The vulnerability concerns the use of Outlook's vCards, or virtual
> business cards, that can fall victim to a buffer overflow attack or
> contain code that can attack a user's system. VCards can be created with
> malicious code that can either cause Outlook to crash, or even allow the
> e-mail application to run damaging code on a targeted victim's system.
> In Microsoft Security Bulletin MS01-012, posted Thursday, Microsoft
> admitted that the flaw is potentially devastating. "
> More at

This archive was generated by hypermail 2b29 : Fri Apr 27 2001 - 23:18:26 PDT