Lucene search
K

3 matches found

seebug.org
seebug.org
added 2008/03/14 12:0 a.m.31 views

Microsoft Outlook Mailto URI远程代码执行漏洞(MS08-015)

BUGTRAQ ID: 28147 CVECAN ID: CVE-2008-0110 Microsoft Outlook是Office套件所捆绑的邮件客户端。 Outlook没有正确地验证传送给客户端的mailto URI,成功利用这个漏洞的攻击者可以访问敏感信息或完全控制受影响的系统。 如果用户受骗跟随了特制的mailto URI的话,就可能导致Web浏览器向Outlook传送额外的命令行开关,而这些开关可以修改Outlook的帐号配置。 Microsoft Outlook 2007 Microsoft Outlook 2003 SP3 Microsoft Outlook 2003 S...

9.3CVSS6.8AI score0.31934EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2008/03/11 12:0 a.m.10 views

Microsoft Office Outlook mailto URI Handling Code Execution (MS08-015; CVE-2008-0110)

Microsoft Office Outlook is a personal information manager that provides an e-mail application, a calendar and task and contact management.A remote code execution vulnerability has been reported in Microsoft Office Outlook. The vulnerability is due to an error in Microsoft Office Outlook that fai...

9.3CVSS6.9AI score0.31934EPSS
Exploits1
CERT
CERT
added 2008/03/11 12:0 a.m.93 views

Microsoft Office mailto URI remote code execution

Overview A vulnerability in the way that Microsoft Outlook handles a certain type of hyperlink could allow a remote attacker to execute arbitrary code on the vulnerable system. Description Microsoft Outlook provides a centralized application for managing and organizing e-mail messages, schedules,...

9.3CVSS7AI score0.31934EPSS
Exploits1References2
Rows per page
Query Builder