[Esd-l] Outlook 2003 exploit using active scripting.
Joe Steele
joe at madewell.com
Wed May 19 16:50:27 PDT 2004
On Wednesday, May 19, 2004 11:18 AM, Smart,Dan wrote:
>
> John:
> Do you have a suggestion on how to handle this new Outlook 2003
> vulnerability? See:
>
> http://secunia.com/advisories/11629/
>
I had wondered about this myself when it appeared on bugtraq a couple
days ago:
http://www.securityfocus.com/archive/1/363596
I haven't studied the sample message (I didn't want to open it in
Outlook, and I'm not sure how to open it otherwise), but I suspect
that it sends itself as an "application/ms-tnef" MIME type (based on
a little experimenting with embedding objects in an RTF Outlook
message). If this is indeed true, then defining
"SECURITY_STRIP_MSTNEF" should be sufficient protection. Would
anyone care to confirm that this is how the sample message sends
itself?
--Joe
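
One way to check which MIME types a saved message carries without opening it in a mail client (an added example, not part of the original post or of the sanitizer). The function names and the sample message are constructed for illustration. Besides the "application/ms-tnef" type named above, it also checks the registered alias, the usual winmail.dat filename, and the TNEF signature bytes, so a mislabelled part is still reported.

```python
"""Inspect a saved message for TNEF parts without rendering it."""
from email import message_from_bytes, policy
from email.message import EmailMessage

TNEF_TYPES = {"application/ms-tnef", "application/vnd.ms-tnef"}
TNEF_MAGIC = bytes.fromhex("789f3e22")  # TNEF signature 0x223E9F78, little-endian


def find_tnef_parts(raw: bytes):
    """Return (content_type, filename, reasons) for each leaf MIME part."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no payload of their own
        ctype = part.get_content_type()
        fname = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        reasons = []
        if ctype in TNEF_TYPES:
            reasons.append("declared type")
        if fname.lower() == "winmail.dat":
            reasons.append("filename")
        if payload.startswith(TNEF_MAGIC):
            reasons.append("signature")
        report.append((ctype, fname, reasons))
    return report


def build_sample() -> bytes:
    """Constructed test message: one labelled and one mislabelled TNEF part."""
    m = EmailMessage()
    m["Subject"] = "constructed sample"
    m.set_content("body text")
    m.add_attachment(TNEF_MAGIC + b"\x00" * 8, maintype="application",
                     subtype="ms-tnef", filename="winmail.dat")
    m.add_attachment(TNEF_MAGIC + b"\x01" * 8, maintype="application",
                     subtype="octet-stream", filename="data.bin")
    return m.as_bytes()


if __name__ == "__main__":
    for ctype, fname, reasons in find_tnef_parts(build_sample()):
        print(f"{ctype:28} {fname or '-':12} {', '.join(reasons) or 'not TNEF'}")
```

To inspect a real message, read the saved file in binary mode and pass the bytes to `find_tnef_parts`.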