Vulnerability Development mailing list archives
MS06-003
From: solata10 () yahoo com
Date: 16 Jan 2006 16:57:25 -0000
We all heard about the new vulnerability in ms outlook, but not much detailed information is availible. The vulnerability is caused due to boundary error when decoding the Transport Neutral Encapsulation Format (TNEF) MIME attachment. This can be exploited to execute arbitrary code when the user opens or previews a specially crafted TNEF email message or when the Microsoft Exchange Server Information Store processes the message. this is all we've been given, and for details we'll have to wait another 3 months. so i was thinking about getting some more info on this bug. Seems the vulnerable code was inside OUTLLIBR.DLL ,since this is the only dll that was updated after applying ms security patch. i've been debuging it a little, but couldnt find anything usefull. also i was looking at TNEF specifications, and i didnt find anything suspicious. http://msdn.microsoft.com/library/en-us/mapi/html/16cc2cac-7662-415e-aab8-fb1044aeb14f.asp?frame=true
Current thread:
- MS06-003 solata10 (Jan 18)