| VID |
26152 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (900930) for 'Multiple issues in Outlook Express 6.0' has not been applied. This update fixes multiple Microsoft Outlook Express 6.0 vulnerabilities in Microsoft Windows XP. These vulnerabilities could allow a remote attacker to cause the client to crash or disclose sensitive information. Reportedly a remote attacker may cause the client to crash by sending specially crafted email messages. Another issue allows the default news server account to be displayed when a user replies to 'watched' conversation threads from multiple computers.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://support.microsoft.com/kb/900930
* Platforms Affected:
Microsoft Outlook Express 6.0 SP2
Microsoft Windows XP SP2 |
| Recommendation |
Apply the appropriate patch (900930) for your system, as listed in Microsoft Knowledge Base Article - 900930 at http://support.microsoft.com/kb/900930 |
| Related URL |
CVE-2005-2226 (CVE) |
| Related URL |
14225 (SecurityFocus) |
| Related URL |
(ISS) |
|
