[34100] in bugtraq
Re: Outlook mailto: URL argument injection vulnerability MS04-009
daemon@ATHENA.MIT.EDU (K-OTiK Security)
Thu Mar 11 13:16:01 2004
Date: 11 Mar 2004 09:15:07 -0000
Message-ID: <20040311091507.21896.qmail@www.securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: K-OTiK Security <Special-Alerts@k-otik.com>
To: bugtraq@securityfocus.com
In-Reply-To: <20040310123503.GC9654@jouko.iki.fi>
>Date: Wed, 10 Mar 2004 14:35:05 +0200
>From: Jouko Pynnonen <jouko@iki.fi>
>To: bugtraq@securityfocus.com
>Subject: Outlook mailto: URL argument injection vulnerability
> [...]
>If the "Outlook today" view isn't the default view in Outlook, the
>attacker can still carry out the attack by using two mailto: URLs; The
>information in the mitigating factors section of Microsoft's bulletin
>regarding this is inaccurate. The first mailto: URL would start
>OUTLOOK.EXE and cause it to show the "Outlook today" view, and the
>second one would supply the offending JavaScript code. This scenario
>was verified by an exploit.
>
The Microsoft's advisory "Outlook 2002 mailto arbitrary code execution" was updated yesterday, the Maximum Severity Rating was upgraded from "Important" to "Critical".
V2.0 (March 10, 2004): Bulletin updated to reflect on a revised severity rating of Critical and to advise of a new client update.
Best Regards.
Gilles Fabienni - Consultant Sécurité
Cellule Veille - K-OTik Security
http://www.k-otik.com
