Microsoft Outlook URI Vulnerability( 12 March 2008 )
Last Update Date:
28 Jan 2011
Release Date:
12 Mar 2008
4248
Views
RISK: Medium Risk
A remote code execution exists in Outlook. The vulnerability could allow remote code execution if Outlook is passed a specially crafted mailto URI. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Impact
- Remote Code Execution
System / Technologies affected
- Microsoft Office 2000 Service Pack 3
- Outlook 2000 Service Pack 3 - Microsoft Office XP Service Pack 3
- Outlook 2002 Service Pack 3 - Microsoft Office 2003 Service Pack 2
- Outlook 2003 Service Pack 2 - Microsoft Office 2003 Service Pack 3
- Outlook 2003 Service Pack 3 - 2007 Microsoft Office System
- Outlook 2007
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Download locations for this patch
- Microsoft Office 2000 Service Pack 3
- Outlook 2000 Service Pack 3 - Microsoft Office XP Service Pack 3
- Outlook 2002 Service Pack 3 - Microsoft Office 2003 Service Pack 2
- Outlook 2003 Service Pack 2 - Microsoft Office 2003 Service Pack 3
- Outlook 2003 Service Pack 3 - 2007 Microsoft Office System
- Outlook 2007
Vulnerability Identifier
Source
Related Link
Share with