Re: Outlook mailto: URL argument injection vulnerability MS04-009 (Now CRITICAL) !
In-Reply-To: <20040310123503.GC9654@xxxxxxxxxxxx>
>Date: Wed, 10 Mar 2004 14:35:05 +0200
>From: Jouko Pynnonen <jouko@xxxxxx>
>To: bugtraq@xxxxxxxxxxxxxxxxx
>Subject: Outlook mailto: URL argument injection vulnerability
> [...]
>If the "Outlook today" view isn't the default view in Outlook, the
>attacker can still carry out the attack by using two mailto: URLs; The
>information in the mitigating factors section of Microsoft's bulletin
>regarding this is inaccurate. The first mailto: URL would start
>OUTLOOK.EXE and cause it to show the "Outlook today" view, and the
>second one would supply the offending JavaScript code. This scenario
>was verified by an exploit.
>
The Microsoft's advisory "Outlook 2002 mailto arbitrary code execution" was
updated yesterday, the Maximum Severity Rating was upgraded from "Important" to
"Critical".
V2.0 (March 10, 2004): Bulletin updated to reflect on a revised severity rating
of Critical and to advise of a new client update.
Best Regards.
Gilles Fabienni - Consultant Sécurité
Cellule Veille - K-OTik Security
http://www.k-otik.com