Technical Description

Multiple vulnerabilities have been identified in Microsoft Outlook, which could be exploited by attackers to take complete control of an affected system or cause a denial of service.

The first issue is due to a memory corruption error when processing specially crafted ".iCal" meeting requests and parsing malformed VEVENT requests, which could be exploited by attackers to execute arbitrary commands.

The second vulnerability is due to an error when processing malformed email headers, which could be exploited by attackers to crash a vulnerable application via a specially crafted email.

The third vulnerability is due to a memory corruption error when processing a malformed Office Saved Searches (.oss) file, which could be exploited by attackers to execute arbitrary commands via a specially crafted email.

Affected Products

Microsoft Office 2000 Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 2
Microsoft Outlook 2000
Microsoft Outlook 2002
Microsoft Outlook 2003

Solution

Security update for Microsoft Outlook 2000 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=97CE0B32-C6AF-4C6C-ABF1-838ED89062EB

Security update for Microsoft Outlook 2002 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=1D1991C5-3DE3-4258-9120-058FFD62B4F5

Security update for Microsoft Outlook 2003 :
http://www.microsoft.com/downloads/details.aspx?FamilyId=9E4DD8AE-2564-4176-AC2E-E3760058CB56

References

http://www.vupen.com/english/advisories/2007/0104
http://www.microsoft.com/technet/security/Bulletin/MS07-003.mspx

Credits

Vulnerabilities reported by Lurene Grenier (Sourcefire) and Stuart Pearson (Computer Terrorism).

ChangeLog

2007-01-09 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.