MS Outlook iCal Meeting Request VEVENT Record Memory Corruption (MS07-003; CVE-2007-0033)

Microsoft provides server and client side implementations of email protocols such as SMTP, POP3 and IMAP. The widely used Microsoft Outlook product is an implementation of an email client capable of handling most standard Internet protocols as well as numerous proprietary Microsoft protocols and...

Microsoft Outlook VEVENT记录远程代码执行漏洞（MS07-003）

Microsoft Outlook是Office套件所捆绑的邮件客户端。 Microsoft Outlook在处理畸形VEVENT记录时存在漏洞，远程攻击者可能利用此漏洞控制用户机器。 攻击可以通过处理包含畸形VEVENT记录的.ics（iCal）文件来利用此漏洞，如果用户使用管理用户权限登录，成功利用此漏洞的攻击者便可完全控制受影响的系统。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用户受到的影响要小。 Microsoft Outlook 2003 Microsoft Outlook 200...

Design/Logic Flaw

Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file...

CVE-2007-0033

Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file...

CVE-2007-0033

Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file...

CVE-2007-0033

CVE-2007-0033 is a memory corruption/remote code execution vulnerability in Microsoft Outlook 2002 and 2003 triggered by parsing a malformed VEVENT record in an iCalendar (.ics) file or meeting request. The flaw arises from inadequate validation when processing VEVENT data, enabling a user-assist...

Microsoft Outlook fails to properly process a VEVENT record

Overview Microsoft Outlook contains a memory corruption vulnerability that could enable an attacker to execute arbitrary code and gain complete control of the vulnerable system. Description Microsoft Outlook fails to properly handle malformed VEVENT records. When an .iCal meeting request containi...