Bounds checking is for losers.

| No Comments

Bounds checking is for losers.


The problem lies in how Outlook and Outlook Express handles the parsing of the GMT section of the date field in the header of an email. This process is handled by INETCOMM.DLL. Improper bounds checking exists on the token represented by GMT. Therefore, if a malicious user was to send a specially crafted email message containing an unusually long value in the GMT specification, the buffer would be overflowed making arbitrary code execution possible.

...


In Outlook Express, a user would merely have to open a folder containing a malicious email in order to become vulnerable. Outlook users are vulnerable if they preview, read, reply, or forward an offending email. The only exception to exploitation is under Outlook if a user deletes or saves the email to disk.


Leave a comment

About this Entry

This page contains a single entry by was published on July 18, 2000 12:00 AM.

New PJ Harvey album in was the previous entry in this blog.

ZZZZZap! - Tesla Coil madness. is the next entry in this blog.

This is marginalia.org, a weblog by Bill Stilwell. I take the occasional photo.

Pages

Powered by Movable Type 4.24-en