Security-Alerts mailing list archive (security-alerts@yandex-team.ru)
[security-alerts] FW: [SA25639] Microsoft Outlook Express and Windows Mail Multiple Vulnerabilities
>
> TITLE:
> Microsoft Outlook Express and Windows Mail Multiple Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA25639
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/25639/
>
> CRITICAL:
> Highly critical
>
> IMPACT:
> Security Bypass, Exposure of sensitive information, System access
>
> WHERE:
> From remote
>
> OPERATING SYSTEM:
> Microsoft Windows XP Professional
> http://secunia.com/product/22/
> Microsoft Windows XP Home Edition
> http://secunia.com/product/16/
> Microsoft Windows Vista
> http://secunia.com/product/13223/
> Microsoft Windows Storage Server 2003
> http://secunia.com/product/12399/
> Microsoft Windows Server 2003 Web Edition
> http://secunia.com/product/1176/
> Microsoft Windows Server 2003 Standard Edition
> http://secunia.com/product/1173/
> Microsoft Windows Server 2003 Enterprise Edition
> http://secunia.com/product/1174/
> Microsoft Windows Server 2003 Datacenter Edition
> http://secunia.com/product/1175/
>
> SOFTWARE:
> Microsoft Outlook Express 6
> http://secunia.com/product/102/
>
> DESCRIPTION:
> Some vulnerabilities have been reported in Microsoft Outlook Express
> and Windows Mail, which can be exploited by malicious people to
> disclose sensitive information and compromise a user's system.
>
> 1) An error in Windows Mail within the handling of UNC navigation
> requests can be exploited to execute arbitrary code via a local file
> or UNC path when a user clicks on a link in a specially crafted email
> message.
>
> 2) An error in the MHTML protocol handler when returning MHTML
> content can be exploited to read data from another security zone or
> domain in Internet Explorer when a user visits a specially crafted
> web page.
>
> 3) An error exists in the MHTML protocol handler when passing
> Content-Disposition notifications back to Internet Explorer. This can
> be exploited to bypass the file download dialog box and to read data
> from another Internet Explorer domain when a user visits a specially
> crafted web page.
>
> SOLUTION:
> Apply patches.
>
> Windows XP SP2:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=27cca556-0872-4803-b610-4c895ceb99aa
>
> Windows XP Professional x64 Edition (optionally with SP2):
> http://www.microsoft.com/downloads/details.aspx?FamilyId=1ea813bf-bddb-40f0-8960-b9debc8413e7
>
> Windows Server 2003 SP1/SP2:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=93808a74-035c-4ab7-9283-c693d7bd82be
>
> Windows Server 2003 x64 Edition (optionally with SP2):
> http://www.microsoft.com/downloads/details.aspx?FamilyId=f63323a9-e285-45e5-84bd-71ae9da126e3
>
> Windows Server 2003 SP1/SP2 for Itanium-based systems:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=2e62e96e-6571-437d-a612-99175ac39025
>
> Windows Vista:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=ee57de19-44ea-48f2-ae28-e76fd2018633
>
> Windows Vista x64 Edition:
> http://www.microsoft.com/downloads/details.aspx?FamilyId=343db20f-7794-4423-b11d-885329fbdf78
>
> PROVIDED AND/OR DISCOVERED BY:
> 1) kingcope
> 2) Reported by the vendor.
> 3) The vendor credits Yosuke Hasegawa, WebAppSec.JP.
>
> ORIGINAL ADVISORY:
> MS07-034 (KB929123):
> http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx
>