3 matches found
Microsoft Outlook Mailto URI远程代码执行漏洞(MS08-015)
BUGTRAQ ID: 28147 CVECAN ID: CVE-2008-0110 Microsoft Outlook是Office套件所捆绑的邮件客户端。 Outlook没有正确地验证传送给客户端的mailto URI,成功利用这个漏洞的攻击者可以访问敏感信息或完全控制受影响的系统。 如果用户受骗跟随了特制的mailto URI的话,就可能导致Web浏览器向Outlook传送额外的命令行开关,而这些开关可以修改Outlook的帐号配置。 Microsoft Outlook 2007 Microsoft Outlook 2003 SP3 Microsoft Outlook 2003 S...
Microsoft Office mailto URI remote code execution
Overview A vulnerability in the way that Microsoft Outlook handles a certain type of hyperlink could allow a remote attacker to execute arbitrary code on the vulnerable system. Description Microsoft Outlook provides a centralized application for managing and organizing e-mail messages, schedules,...
Microsoft Office Outlook mailto URI Handling Code Execution (MS08-015; CVE-2008-0110)
Microsoft Office Outlook is a personal information manager that provides an e-mail application, a calendar and task and contact management.A remote code execution vulnerability has been reported in Microsoft Office Outlook. The vulnerability is due to an error in Microsoft Office Outlook that fai...