Computer Security
[EN] securityvulns.ru no-pyccku


Microsoft Outlook Express / Windows Mail NNTP buffer overflow
Published:10.10.2007
Source:
SecurityVulns ID:8228
Type:client
Threat Level:
8/10
Description:Heap memory overflow on NNTP server reply parsing.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 MICROSOFT : Windows Vista
CVE:CVE-2007-3897 (Heap-based buffer overflow in Microsoft Outlook Express 6 and earlier, and Windows Mail for Vista, allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.)
Original documentdocumentMICROSOFT, Microsoft Security Bulletin MS07-056 - Critical Security Update for Outlook Express and Windows Mail (941202) (10.10.2007)
 documentIDEFENSE, iDefense Security Advisory 10.09.07: Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow (10.10.2007)
Files:Microsoft Security Bulletin MS07-056 - Critical Security Update for Outlook Express and Windows Mail (941202)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod