OSVDB ID: 31254

Title: Microsoft Outlook Advanced Find .oss File Handling Remote Code Execution

Dates

Disclosure: Jan 09, 2007
Discovery: May 12, 2006
Exploit: Unknown
Solution: Jan 09, 2007

Description

A local overflow exists in Outlook. The Advanced Search function fails to validate the contents of .oss files, resulting in a buffer overflow. With a specially crafted file, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Classification

Location: Local Access Required, Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

Products

Microsoft Corporation

Outlook

2000
2002
2003

References

Credit

  • Stuart Pearson - Computer Terrorism


Direct URL: http://osvdb.org/31254