__/ [ ed ] on Saturday 13 January 2007 22:39 \__
> On Sat, 13 Jan 2007 21:31:17 +0000
> Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx> wrote:
>
>> __/ [ ed ] on Saturday 13 January 2007 20:51 \__
>>
>> > On 13 Jan 2007 10:45:42 -0800
>> > "Doug Mentohl" <doug_mentohl@xxxxxxxxxxxxx> wrote:
>> >
>> >> "When Outlook opens a specially crafted .iCal meeting request and
>> >> parses a malformed VEVENT request, it may corrupt system memory in
>> >> such a way that an attacker could execute arbitrary code and take
>> >> complete control of an affected system"
>> >>
>> >> http://www.cgidir.com/news/press/070111SourceFire.html
>> >> http://www.microsoft.com/technet/security/bulletin/MS07-003.mspx
>> >>
>> >
>> > i send you email, i take over your computer...
>>
>> In Soviet Russia (or Linux), user sends E-mail containing root
>> password to cracker, crakcer takes over your computer
>
> heh :o)
>
> this isn't the first time that outlook has been susceptible to exploits
> based on the contents of mail messages.
>
> email: run this for me please,
> outlook: ok, stranger
They have taken a step back with Outlook 2007... 5 years into the past...
table-based 'HTML', based on Microsoft Word. So many crimes and so much
crippling at the same time. Boy, that company is so lost...
--
~~ Best regards
Roy S. Schestowitz | Othello for Win32/Linux: http://othellomaster.com
http://Schestowitz.com | Open Prospects ¦ PGP-Key: 0x74572E8E
Tasks: 122 total, 1 running, 119 sleeping, 0 stopped, 2 zombie
http://iuron.com - knowledge engine, not a search engine
|
|
