Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
Outlook View Control Exposes Unsafe Functionality 2.0
Posted by Philipp Esselbach on: 08/17/2001 09:23 AM [ Print | 0 comment(s) ]
On July 12, 2001, Microsoft released the original version of this bulletin, to advise customers of a vulnerability affecting Microsoft Outlook and to recommend that they temporarily use an administrative procedure to protect their systems. A patch that eliminates the vulnerability is now available. An updated version of the bulletin was released on August 16, 2001, to announce the availability of the patch and to advise customers that the administrative procedure is no longer needed.
The Microsoft Outlook View Control is an ActiveX control that allows Outlook mail folders to be viewed via web pages. The control should only allow passive operations such as viewing mail or calendar data. In reality, though, it exposes a function that could allow the web page to manipulate Outlook data. This could enable an attacker to delete mail, change calendar information, or take virtually any other action through Outlook including running arbitrary code on the user's machine.
Read more
The Microsoft Outlook View Control is an ActiveX control that allows Outlook mail folders to be viewed via web pages. The control should only allow passive operations such as viewing mail or calendar data. In reality, though, it exposes a function that could allow the web page to manipulate Outlook data. This could enable an attacker to delete mail, change calendar information, or take virtually any other action through Outlook including running arbitrary code on the user's machine.
Read more
Related Threads
10/26/2009 06:59 AM: Trouble with Outlook Express (0) by Sinluan
10/20/2009 10:59 PM: SharePoint & Outlook Public Folder Calendars (1) by Myke
08/08/2009 11:48 AM: Need help with Outlook Express... (3) by Tech Tiger
08/09/2009 07:14 PM: Outlook freezes accessing global Contacts (5) by DosFreak
09/09/2008 06:35 PM: outlook contact..TO is different than adres book (1) by Myke
04/10/2010 11:35 AM: Euro symbol and Outlook Express 6 (6) by AlexKrenvalk
08/03/2007 09:24 PM: Missing e-mails/events in Outlook 2002 (1) by Myke
02/07/2009 01:38 AM: Outlook Express 6 Compact messages- OK or Cancel (5) by JCB
05/16/2007 09:32 AM: Outlook Express problem (0) by Bigade
04/18/2007 04:31 PM: Outlook Express Backup how to (2) by FabianT
10/20/2009 10:59 PM: SharePoint & Outlook Public Folder Calendars (1) by Myke
08/08/2009 11:48 AM: Need help with Outlook Express... (3) by Tech Tiger
08/09/2009 07:14 PM: Outlook freezes accessing global Contacts (5) by DosFreak
09/09/2008 06:35 PM: outlook contact..TO is different than adres book (1) by Myke
04/10/2010 11:35 AM: Euro symbol and Outlook Express 6 (6) by AlexKrenvalk
08/03/2007 09:24 PM: Missing e-mails/events in Outlook 2002 (1) by Myke
02/07/2009 01:38 AM: Outlook Express 6 Compact messages- OK or Cancel (5) by JCB
05/16/2007 09:32 AM: Outlook Express problem (0) by Bigade
04/18/2007 04:31 PM: Outlook Express Backup how to (2) by FabianT