Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
Severity: : High
CVE Kennungen: : CVE-2005-1213,MS05-030
Advisory Date: 14 czerwca 2016
DESCRIPTION
Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field.
INFORMATION EXPOSURE
- 1000780 - Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1000780
Trend Micro Deep Security DPI Rule Name: 1000780 - Microsoft Outlook Express NNTP Response Parsing Buffer Overflow
AFFECTED SOFTWARE AND VERSION:
- Microsoft Outlook Express 5.5 SP2
- Microsoft Outlook Express 6
- Microsoft Outlook Express 6 SP1