| VID |
26281 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Cumulative Security Update (MS07-034, 929123) for Microsoft Outlook Express and Windows Mail has not been applied. Microsoft Outlook Express is an e-mail and newsgroup client shipped with the Microsoft Windows operating system. Microsoft Windows XP and Windows Server 2003 running Outlook Express versions 6, and Windows Vista running Windows Mail are vulnerable to an information disclosure vulnerability and a remote code execution vulnerability as follows:
- URL Redirect Cross Domain Vulnerability (CVE-2006-2111): Information Disclosure
- Windows Mail UNC Navigation Request Vulnerability (CVE-2007-1658): Remote Code Execution
- URL Parsing Cross Domain Vulnerability (CVE-2007-2225): Information Disclosure
- Content Disposition Parsing Cross Domain Vulnerability (CVE-2007-2227): Information Disclosure
An attacker could exploit these vulnerabilities by hosting the malicious file on a Web site and then persuading a potential victim to visit the site or sending the file to a potential victim as an email attachment.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx
http://www.us-cert.gov/cas/techalerts/TA07-163A.html
http://www.kb.cert.org/vuls/id/682825
http://www.frsirt.com/english/advisories/2007/2154
http://www.securitytracker.com/id?1018231
http://www.securitytracker.com/id?1018232
http://www.securitytracker.com/id?1018233
http://www.securitytracker.com/id?1018234
http://secunia.com/advisories/25639
* Platforms Affected:
Microsoft Outlook Express 6
Microsoft Windows Mail
Microsoft Windows XP Service Pack 2
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Vista |
| Recommendation |
Apply the appropriate patch (929123) for your system, as listed in Microsoft Security Bulletin MS07-034 at http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com . Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2006-2111,CVE-2007-1658,CVE-2007-2225,CVE-2007-2227 (CVE) |
| Related URL |
17717,23103,24392,24410 (SecurityFocus) |
| Related URL |
33167 (ISS) |
|
