Home · Compatibility Lists · Support Forums · FAQ · News Archive · Articles · Submit News/Upcoming News
NT Compatible
advertisement


Latest Web News

Wise Registry Cleaner 3.81
Slim Browser 4.11 Build 018
SpeedFan 4.37
The HP Mini 1000 - 2nd Ge...
GTX 260 V Radeon 4870 (dr...
2008 Holiday ANTI-Shoppin...
Eagle iNeo I-NA303USUE 3....
ASUS Rampage II Extreme X...
Cyber Snipa PC Game Pad 2...
Logitech MX Air Rechargea...

Latest Threads

[Security Announce] [ MDV...
Top Holiday Games of 2008...
advanced bios help
Return to Krondor & Betra...
Antec Signature 650 Power...
[Security Announce] [ MDV...
Running Windows 3.1 in Do...
[slackware-security] moz...
Sleek-Audio Custom Earpho...
[Security Announce] [ MDV...

Latest Linux News

Wine 1.1.9
Fedora 11 Proposed Schedule
CESA-2008:0972 Important ...
CESA-2008:0972 Important ...
RHSA-2008:0976-01 Moderat...
USN-674-1: HPLIP vulnerab...
Exciting Features For Ubu...
DSA 1667-1: New python2.4...
RHSA-2008:0972-01 Importa...
CESA-2008:0977 Critical C...

Latest Mac News

Apple, Palm taking differ...
iPhone Update Soups Up St...
Apple updates Final Cut P...
EasyBatch 1.0
Apple releases iPhone Sof...
Mac Bloggers Dig Psystar'...
Apple iTunes 8.0.2
Apple Pro Applications Up...
Apple iPhone Update (via ...
Vuze (was Azureus) 4.0.0.4

Welcome to our website

To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.

Advertisement

Topics

Microsoft
Windows XP
Windows Server 2003
Windows Vista
Windows Server 2008
Windows Home Server
Reviews
Software
Security
Guides
General

News Feeds

Handheld/PDA
XML News Feeds
View Sidebar
Mozilla Sidebar

Appearance

Default
Default Bold
Wide
Wide Bold

Links

HDTV.Esselbach.at
Links Page

Unchecked Buffer in Outlook Express S/MIME Parsing ...
Posted by Philipp on: 2002-10-11 10:37:13 [ Print | Permalink ]

Microsoft has released a new security update for Outlook Express:

Unchecked Buffer in Outlook Express S/MIME Parsing Could Enable System Compromise (Q328676)

To allow for verification of the authenticity of mail messages, Microsoft Outlook Express supports digital signing of messages through S/MIME. A buffer overrun vulnerability lies in the code that generates the warning message when a particular error condition associated with digital signatures occurs.

By creating a digitally signed email and editing it to introduce specific data, then sending it to another user, an attacker could cause either of two effects to occur if the recipient opened or previewed it. In the less serious case, the attacker could cause the mail client to fail. If this happened, the recipient could resume normal operation by restarting the mail client and deleting the offending mail. In the more serious case, the attacker could cause the mail client to run code of their choice on the user's machine. Such code could take any desired action, limited only by the permissions of the recipient on the machine.

This vulnerability could only affect messages that are signed using S/MIME and sent to an Outlook Express user. Users of Microsoft Outlook products are not affected by this vulnerability.

Read more



Digg it! Slashdot Del.icio.us Technorati Fark it! Binklist Furl Newsvine Windows Live Netscape Google Bookmarks Reddit! LinkaGoGo Tailrank Wink Dzone Simpy Spurl Yahoo! MyWeb NetVouz RawSugar Smarking Scuttle Magnolia BlogMarks Nowpublic FeedMeLinks Wists Onlywire Connotia Shadows Co.mments
News Source: Email

Related Stories RSS

- Patch: Unchecked Buffer in DirectX Could Enable System Compromise (08/20/2003 11:02 pm)
- Unchecked Buffer in DirectX Could Enable System Compromise (07/24/2003 01:01 am)
- Unchecked Buffer in Windows Redirector Could Allow (02/06/2003 09:22 am)
- Unchecked Buffer in Locator Service Could Lead to Code Execution (01/22/2003 10:07 pm)
- Unchecked Buffer in PPTP Implementation Could Enable DoS Attacks (10/31/2002 10:28 am)
- Unchecked Buffer in Windows Help Facility Could ... (10/03/2002 10:49 am)
- Unchecked Buffer in File Decompression Functions Could... (10/03/2002 10:41 am)
- Unchecked Buffer in Network Share Provider Can Lead to ... (08/23/2002 04:12 am)
- Unchecked Buffer in Content Management Server Could ... (08/08/2002 02:41 am)
- Unchecked Buffer in MDAC Function Could Enable SQL ... (08/01/2002 01:35 am)
- Unchecked Buffer in Remote Access Service Phonebook Could... (07/03/2002 01:38 am)
- Unchecked Buffer in Profile Service Could Allow Code ... (06/27/2002 01:15 am)
- Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (06/15/2002 01:02 am)
- Unchecked Buffer in SQLXML Could Lead to Code Execution (06/14/2002 01:25 am)
- Unchecked Buffer in Remote Access Service Phonebook Could Lead to Code Execution (06/13/2002 10:08 am)
- Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (06/12/2002 02:26 am)
- Unchecked Buffer in Gopher Protocol Handler Can Run Code of Attacker's Choice (06/12/2002 02:25 am)
- Unchecked Buffer in ASP.NET Worker Process (06/07/2002 02:23 am)
- Unchecked Buffer in MSN Chat Control Can Lead to Code Execution (05/09/2002 02:22 am)
- SQL Extended Procedure Functions Contain Unchecked Buffers (04/18/2002 01:26 pm)

Comments are disabled for this news story

All products mentioned are registered trademarks or trademarks of their respective owners.
© 1998-2008 Esselbach Internet Solutions - All Rights Reserved. Terms and privacy policy
Website powered by Esselbach Storyteller CMS System