Running Arbitrary Code on Email Clients

Long File Names Allow Arbitrary Code to Run
Reported August 11, 1998 by Microsoft and NTBugTraq

VERSIONS AFFECTED

  • Outlook 98 on Windows® 95, Windows 98 and Microsoft Windows NT® 4.0
  • Outlook Express 4.0, 4.01 (including 4.01 with Service Pack 1) on Windows 95, Windows 98 and Windows NT 4.0
  • Outlook Express 4.01 on Solaris
  • Outlook Express 4.01 on the Macintosh
  • Netscape Mail Clients

DESCRIPTION

When the email client receives a malicious mail or news message that contains an attachment with a very long filename, the message could cause the email client to shut down unexpectedly or allow arbitrary code to execute on the client workstation.

SOLUTION

Microsoft Outlook 98
Customers using Microsoft Outlook 98 for Windows 95, Windows 98 or Windows NT 4.0 should download the updated Outlook 98 patch from Office Update at http://www.microsoft.com/outlook/enhancements/outptch2.asp

Localized versions of the Outlook 98 patch will be released shortly.

Microsoft Outlook Express 4.x
If you are using Outlook Express 4.0 that comes with Internet Explorer 4.0 on Windows 95, Windows 98 or Windows NT 4.0, you must first upgrade to Internet Explorer 4.01 SP1 (http://www.microsoft.com/ie/download), then install the Outlook Express updated patch listed below.

Customers using Microsoft Outlook Express 4.01 or 4.01 SP1 for Windows 95, Windows 98, Windows NT 4.0 or the Macintosh should download the available updated patch from the Internet Explorer security Web site (http://www.microsoft.com/ie/security/oelong.htm).

Windows 98 customers can also get the updated Outlook Express patch using the Windows Update feature of Windows 98. For more information, please visit the Windows Update site, http://windowsupdate.microsoft.com

Credits
- Originally reported by Microsoft
- Posted on The NT Shop on August 19, 1998

Copyright (C) 1998 - M.E. -- ALL RIGHTS RESERVED
Unauthorized duplication expressly prohibited
LINK TO THIS PAGE INSTEAD OF VIOLATING OUR COPYRIGHT
