|
|
 |
|
|
Pages: 1
Outlook 2002 and IE Bugs
(Click here to view the original thread with full colors/images)
Posted by: TotalRecall
Microsoft has released a security bulletin for a bug in Outlook 2002:
This is a denial of service vulnerability. An attacker who successfully exploited this vulnerability could cause a user to be unable to use Outlook 2002 to access their e-mail.
The vulnerability could not be used by an attacker to access the user’s e-mail or system in any way, nor does it pose any risk to e-mail servers. The only effect of a successful attack would be the failure of Outlook 2002 when the user attempted to access the e-mail server. Removing the specially malformed e-mail message from the e-mail server would return the Outlook client to normal operation.
And also another bulletin for a cumulative patch for Internet Explorer:
This vulnerability could allow a malicious web site operator to access information in another internet domain, or the user’s local system. It could also allow an attacker to launch an executable that was already on the user’s system.
In the event that the attacker was able to access files on the user’s local system, the actions that could be taken would be limited to reading the files, but not modifying or deleting them. If an attacker was to successfully cause an executable on the system to run, he would be unable to pass parameters to the executable, thereby limiting the scope of what the executable could do.
Downloads are available at the pages previously mentioned.
|
|
|
|
|
