Microsoft Outlook VEVENT Record Handling Remote Code Execution

2007-01-09T14:48:39
ID OSVDB:31252
Type osvdb
Reporter Lurene Grenier
Modified 2007-01-09T14:48:39

Description

Vulnerability Description

A remote memory corruption flaw exists in Outlook. The program fails to validate VEVENT records in .iCal meeting requests, resulting in memory corruption. With a specially crafted file, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.

References:

US-CERT Cyber Security Alert: TA07-009A
Security Tracker: 1017488
Secunia Advisory ID: 23674
Related OSVDB ID: 31254
Related OSVDB ID: 31253
News Article: http://www.eweek.com/article2/0,1895,2081067,00.asp
Microsoft Security Bulletin: MS07-003
Microsoft Knowledge Base Article: 925938
Mail List Post: http://www.securityfocus.com/archive/1/archive/1/457274/100/0/threaded
FrSIRT Advisory: ADV-2007-0104
CVE-2007-0033
CERT VU: 476900
Bugtraq ID: 21931