Microsoft Outlook RTF Embedded Object Security Bypass

2004-05-17T16:30:53
ID OSVDB:6217
Type osvdb
Reporter http-equiv (http-equiv@excite.com)
Modified 2004-05-17T16:30:53

Description

Vulnerability Description

Microsoft Outlook 2003 contains a flaw that may allow a remote attacker to bypass security settings. By embedding an OLE object that references a Windows media file in an RTF message, a remote attacker may be able to start a download sequence of arbitrary files, which normally causes Internet Explorer to prompt whether to download the file. It is possible that the flaw may allow the launch of arbitrary files without any warning, resulting in a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

References:

Secunia Advisory ID: 11629
Related OSVDB ID: 6079
Related OSVDB ID: 5998
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0885.html
ISS X-Force ID: 16173
Generic Informational URL: http://www.malware.com/rockitman.png
Generic Exploit URL: http://www.malware.com/rockIT.zip
CVE-2004-0503
Bugtraq ID: 10369