iPolicy Networks Security Advisory
 

Microsoft Office Outlook SMB Attachment Vulnerability

Date Discovered: 07/13/2010
Severity: Medium
Operating Systems Affected: Microsoft Windows
Application Affected: Microsoft Office XP SP 3
Microsoft Office 2003 SP 3
Microsoft Office System 2007 SP 1
Microsoft Office System 2007 SP 2
Identifiers: CVE-2010-0266
Synopsis
Microsoft Office Outlook is vulnerable to a remote code execution attack because it does not properly verify email attachments.
Recommended Actions
A patch is available from the vendor at the following link:
http://www.microsoft.com/technet/security/bulletin/ms10-045.mspx
Threat Analysis
Microsoft Office Outlook is a personal information manager application. It is mainly used for email management and also includes a calendar, task manager, contact manager, note taking, a journal and web browsing.

Outlook contains a remote code execution vulnerability. The issue exists because the application fails to properly verify an attachment that is attached using the ATTACH_BY_REFERENCE value of the PR_ATTACH_METHOD property.

A remote attacker can exploit this issue by crafting an email with a malicious attachment and sending it to the victim.
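
A defensive check for the condition described above, added here as an example and not taken from the vendor's patch or from this advisory's authors: it flags attachments whose PR_ATTACH_METHOD is ATTACH_BY_REFERENCE and whose path names a network share. It assumes an upstream MAPI/TNEF parser has already produced a tag-to-value dictionary per attachment; the function names, host name and sample values are constructed.

```python
import re

# MAPI property IDs (upper 16 bits of the tag) and value, from the public MAPI headers.
PR_ATTACH_METHOD = 0x3705
PR_ATTACH_PATHNAME = 0x3708
PR_ATTACH_LONG_PATHNAME = 0x370D
ATTACH_BY_REFERENCE = 2  # the PR_ATTACH_METHOD value named in the advisory

# Path forms that name a remote server: \\host\share, //host/share,
# \\?\UNC\host\share and file://host/share. Local forms such as C:\x,
# \\?\C:\x, \\.\device and file:///C:/x do not match.
_REMOTE = re.compile(
    r"^(?:[\\/]{2}\?[\\/]UNC[\\/]|[\\/]{2}(?![?.][\\/])|file:[\\/]{2}(?![\\/]))"
    r"([^\\/]+)", re.IGNORECASE)


def remote_host(path):
    """Return the server name if path points at a network share, else None."""
    m = _REMOTE.match(path.strip())
    return m.group(1) if m else None


def check_attachment(props):
    """props maps full MAPI property tags to values for one attachment.

    Returns (verdict, host): 'ok' for anything not attached by reference,
    'by-reference' for a local path, 'by-reference-remote' for a share.
    """
    by_id = {tag >> 16: value for tag, value in props.items()}  # ignore type bits
    if by_id.get(PR_ATTACH_METHOD) != ATTACH_BY_REFERENCE:
        return ("ok", None)
    for prop in (PR_ATTACH_LONG_PATHNAME, PR_ATTACH_PATHNAME):
        host = remote_host(str(by_id.get(prop) or ""))
        if host:
            return ("by-reference-remote", host)
    return ("by-reference", None)


# Constructed sample attachments (hypothetical host and file names).
SAMPLES = [
    {0x37050003: 1, 0x3707001E: "report.pdf"},  # attached by value
    {0x37050003: 2, 0x370D001F: r"\\fileserver.example\share\tool.exe"},
    {0x37050003: 2, 0x3708001E: "file://fileserver.example/share/tool.exe"},
    {0x37050003: 2, 0x370D001E: r"\\?\C:\Users\a\notes.txt"},
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(check_attachment(sample))
```

A mail filter could quarantine or strip anything returned as by-reference-remote and log the host for review.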
References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0266

Write-up by: Vikrant