Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerability

2010-07-16T00:00:00
ID SAINT:9597EBC8B0D0E86306EF478B38730CE0
Type saint
Reporter SAINT Corporation
Modified 2010-07-16T00:00:00

Description

Added: 07/16/2010
CVE: CVE-2010-0266
BID: 41446
OSVDB: 66296

Background

Microsoft Outlook is an e-mail client which also provides calendar, scheduling, contact management, and information sharing capabilities.

Problem

A vulnerability in Microsoft Outlook allows command execution when a user opens an e-mail message containing a specially crafted attachment with the PR_ATTACH_METHOD property set to ATTACH_BY_REFERENCE.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 10-045.

References

<http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0211.html>

Limitations

The exploit works on Microsoft Office Outlook 2007 SP2.

After launching the exploit, download the exploit file onto the specified SMB share. The specified SMB share must be accessible by the target user.

Platforms

Windows