Outlook vCard Buffer Overflow

Reported February 22, 2001, by Microsoft.

VERSIONS AFFECTED
  • Microsoft Outlook¬†
  • Microsoft Outlook Express

DESCRIPTION

A buffer overflow has been discovered in the vCard handler of Microsoft Outlook and Outlook Express. By sending a specially crafted vCard, a malicious user can cause the mail client to fail and possibly launch arbitrary code.

VENDOR RESPONSE

Microsoft has released a security bulletin, MS01-012, and a patch to address the issue.

CREDIT
Discovered by @Stake.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish