Skip navigation
Menu
Collaboration>Email and Calendaring

Code Execution Vulnerability in Microsoft Outlook 2002

Reported March 9, 2004, by Microsoft.

 

 

 

VERSIONS AFFECTED

 

·         Microsoft Office XP Service Pack 2 (SP2)

·         Microsoft Office Outlook 2002 SP2

 

DESCRIPTION

 

A vulnerability in Outlook 2002 can result in the execution of arbitrary code on the vulnerable system, under the Local Computer Zone. The parsing of specially crafted mailto URLs by Outlook 2002 causes this vulnerability.

 

VENDOR RESPONSE

 

Microsoft has released security bulletin MS04-009, "Vulnerability in Microsoft Outlook Could Allow Code Execution (828040)," to address this vulnerability and recommends that affected users immediately apply the appropriate patch listed in the bulletin.

 

CREDIT

 

Discovered by iDefense and Jouko Pynnönen.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
zoom logo
Zoom Releases New AI-Powered Collaboration Platform—Zoom Workspace—Plus Other Updates
Mar 26, 2024
person working from home using smart phone and notebook computer
Monitoring Employee Productivity, Balance Surveillance with Transparency
Jan 03, 2024
zoom logo on screens of laptop and smartphone device.jpg
At Zoomtopia, Small Businesses Share Transformation Stories
Oct 12, 2023
zoom logo
Zoom Unveils Docs, Upgrades Contact Center Offerings
Oct 03, 2023