There is a vulnerability in the way Microsoft Outlook handles malformed email messages that may allow a remote, unauthenticated attacker to cause a denial of service.
Microsoft Outlook contains a vulnerability in the way that it handles certain email message headers. According to Microsoft Security Bulletin MS07-003:
An attacker who successfully exploited the vulnerability could send a malformed e-mail to a user of Outlook that would cause the Outlook client to fail under certain circumstances. The Outlook client would continue to fail so long as the malformed e-mail message remained on the e-mail server. The e-mail message could be deleted by an e-mail administrator, or by the user via another e-mail client such as Outlook Web Access or Outlook Express, after which point the Outlook client would again function normally.
A remote, unauthenticated attacker may be able to cause a denial of service.
This issue is addressed in Microsoft Security Bulletin MS07-003.
This document was written by Chris Taschner.
|Date First Published:||2007-01-12|
|Date Last Updated:||2007-01-26 13:47 UTC|