| VID | Severity | Port | Protocol | Class |
| --- | --- | --- | --- | --- |
| 28029 | 40 | 139,445 | TCP | SMB |
| Detailed Description |
Using Microsoft Word as the Outlook e-mail editor can allow a remote attacker to execute arbitrary script. Outlook 2000 and 2002 provide the option to use Microsoft Word as the e-mail editor when creating and editing e-mail in either RTF or HTML format. When Outlook is configured this way, a security vulnerability exists at the moment the user replies to or forwards a message sent by an attacker. An attacker could exploit it by sending a specially malformed HTML e-mail containing script to an Outlook user who has Word enabled as the e-mail editor. If the user replied to or forwarded that e-mail, the script would run and could take any action the user could take.
* Note: This check requires an account with administrative privileges that can log into the host being scanned. If that condition is not met, the check is not performed and every vulnerable host is reported as a false negative.
* References: http://www.microsoft.com/technet/security/bulletin/ms02-021.asp http://www.guninski.com/m$oxp-2.html http://archives.neohapsis.com/archives/bugtraq/2002-04/0047.html http://www.ciac.org/ciac/bulletins/m-073.shtml
* Affected Software: Microsoft Outlook 2000, Microsoft Outlook 2002 |
| Recommendation |
Apply the appropriate patch for your system, available from the following web sites:
For Microsoft Word 2002: Client Installation: http://office.microsoft.com/downloads/2002/wrd1003.aspx Administrative Installation: http://www.microsoft.com/office/ork/xp/journ/wrd1003a.htm
For Microsoft Word 2000: Client Installation: http://office.microsoft.com/downloads/2002/wrd0901.aspx Administrative Installation: http://www.microsoft.com/office/ork/xp/journ/wrd0901a.htm
* Verifying patch installation: Word 2002: verify that the version number of Winword.exe is 10.4009.3501 or later. Word 2000: verify that the version number of Winword.exe is 9.0.6328 or later. |
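The decision this check makes reduces to comparing the Winword.exe version against the two patched builds above, with the caveat from the description that a host whose file could not be read (no administrative credentials) must not be reported as clean. The Python below is added as an illustration and is not the scanner's own code; it compares the version numerically rather than as a string (string order would put 10.4009.3501 before 9.0.6328) and reports an unreadable version as unknown. The host names and every build number other than the two patched ones are constructed for the example, and the version string is assumed to be in the major.build.revision form the recommendation uses.

```python
"""Patch-state assessment for the MS02-021 check (Word as the Outlook e-mail
editor), keyed on the Winword.exe builds the recommendation names as patched.
Added illustration, not the scanner's own check logic; the host inventory
below is constructed, not scan output."""

# Patched Winword.exe builds from the recommendation, keyed by major version.
PATCHED_BUILDS = {
    9: (9, 0, 6328),       # Word 2000
    10: (10, 4009, 3501),  # Word 2002
}


def parse_version(text):
    """Convert '10.4009.3501' to (10, 4009, 3501).

    Numeric tuples compare component by component. Plain string comparison
    gets this wrong: '10.4009.3501' < '9.0.6328' because '1' < '9'.
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError("not a dotted numeric version: %r" % text)
    return tuple(int(p) for p in parts)


def assess(version_text):
    """Classify one host's Winword.exe version.

    Returns 'patched', 'vulnerable', 'out-of-scope' (a Word major version the
    advisory does not cover) or 'unknown'. None stands for "the version could
    not be read", which is what happens when the credentialed SMB login the
    check needs is unavailable; that case is reported as unknown rather than
    being allowed to pass as not vulnerable (the false negative the note
    warns about). Assumes the advisory's major.build.revision string form.
    """
    if version_text is None:
        return "unknown"
    version = parse_version(version_text)
    threshold = PATCHED_BUILDS.get(version[0])
    if threshold is None:
        return "out-of-scope"
    return "patched" if version[:3] >= threshold else "vulnerable"


def scan_inventory(inventory):
    """Apply assess() to a {host: version-or-None} mapping."""
    return {host: assess(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hypothetical hosts; build numbers other than
# the two patched ones are illustrative only).
SAMPLE_INVENTORY = {
    "ws01": "9.0.6328",      # Word 2000 at the patched build
    "ws02": "9.0.4402",      # Word 2000, earlier build (constructed)
    "ws03": "10.4009.3501",  # Word 2002 at the patched build
    "ws04": "10.2627.2625",  # Word 2002, earlier build (constructed)
    "ws05": None,            # credentialed read of Winword.exe failed
}

if __name__ == "__main__":
    for host, state in sorted(scan_inventory(SAMPLE_INVENTORY).items()):
        print(host, state)
```

In practice the version string comes from the file's version resource, read over SMB with the administrative account the check requires; the classification logic is the same whichever tool reads it. Keeping `unknown` separate from `patched` is what turns the check's silent false negative into something an operator can act on.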
| Related URL |
CVE-2013-1335 (CVE) |
| Related URL |
59759 (SecurityFocus) |
Note: the CVE and SecurityFocus BID listed above were assigned in 2013 and do not describe the April 2002 issue covered by MS02-021; verify these cross-references against the Microsoft bulletin before relying on them. |