Reported October 10, 2002, by Microsoft.

VERSIONS AFFECTED

· Microsoft Outlook Express 6.0
· Microsoft Outlook Express 5.5

 

 

DESCRIPTION

A buffer overrun vulnerability exists in Outlook Express’s S/MIME parser that can lead to the execution of arbitrary code on the vulnerable system. The flaw lies in the code that generates a warning message when a particular error condition associated with digital signatures occurs. By creating a digitally signed email, editing it to introduce specific data, and sending it to another user, an attacker can cause the vulnerable mail client to fail or to execute arbitrary code.
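
The class of bug described above, shown as an added example (not Microsoft's code and not part of the original advisory): a warning-message builder that formats a sender-controlled string into a fixed buffer, next to a bounded version that detects truncation. The function names, buffer size, and message text are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

#define WARN_BUF 128   /* assumed size of the warning dialog text buffer */

/* Unsafe pattern: 'field' comes from the received message, so the sender
 * chooses its length; sprintf() writes past out[] when it is too long. */
void build_warning_unsafe(char out[WARN_BUF], const char *field)
{
    sprintf(out, "Signature problem: the value \"%s\" could not be verified.", field);
}

/* Hardened form: bounded formatting plus an explicit truncation check.
 * Returns 0 if the full message fit, 1 if the field was too long and a
 * generic message was substituted, -1 on bad arguments. */
int build_warning_safe(char *out, size_t out_len, const char *field)
{
    int n;

    if (out == NULL || out_len == 0 || field == NULL)
        return -1;

    n = snprintf(out, out_len,
                 "Signature problem: the value \"%s\" could not be verified.", field);
    if (n < 0 || (size_t)n >= out_len) {
        /* Do not display a partial untrusted string; use a fixed message. */
        snprintf(out, out_len, "Signature problem: a value could not be verified.");
        return 1;
    }
    return 0;
}

int main(void)
{
    char msg[WARN_BUF];
    char oversized[1024];              /* constructed sample input */

    memset(oversized, 'A', sizeof oversized - 1);
    oversized[sizeof oversized - 1] = '\0';

    printf("%d %s\n", build_warning_safe(msg, sizeof msg, "alice@example.test"), msg);
    printf("%d %s\n", build_warning_safe(msg, sizeof msg, oversized), msg);
    return 0;
}
```

The unsafe function is never called with the oversized input here; it is included only to contrast the unchecked write with the length-checked one.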

 

VENDOR RESPONSE

The vendor, Microsoft, has released Security Bulletin MS02-058 (Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise) to address this vulnerability and recommends that affected users immediately apply the patch mentioned in the bulletin.

 

CREDIT

Discovered by Noam Rathaus of Beyond Security Ltd.