Denial of Service in Microsoft Outlook 2002

Reported December 4, 2002, by Microsoft.

VERSIONS AFFECTED

 

·         Microsoft Outlook 2002

 

 

DESCRIPTION

 

A Denial of Service (DoS) vulnerability exists in Microsoft Outlook 2002. This vulnerability stems from a fault in the way Outlook 2002 processes email header information. To crash a vulnerable client, an attacker can send a message that contains specific header information. The client will remain affected until you delete the message from the server.

 

 

VENDOR RESPONSE

 

Microsoft has released Security Bulletin MS02-067, "E-mail Header Processing Flaw Could Cause Outlook 2002 to Fail (331866)," to address this vulnerability and recommends that affected users apply the appropriate patch mentioned in the bulletin.

 

CREDIT          

Discovered by Richard Lawley.

TAGS: Security
Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish