POP3: Outlook Preview Pane Local Troubleshooter Query Overflow
This signature detects attempts to exploit a known vulnerability against an ActiveX control in Microsoft Outlook. The Local Troubleshooter ActiveX control has inadequate bounds for checking for its Query function; this exploit bypasses normal Outlook/IE ActiveX security controls. Attackers can create a malicious Web site that contains a call to this ActiveX control; this call contains an overly long string that overflows the control buffer, enabling the attacker to gain control of the target system with user privileges.
Extended Description
A vulnerability has been discovered in the Microsoft TroubleShooter ActiveX control. Because of this, it may be possible for a remote attacker to execute arbitrary with the privileges of a local user.
Affected Products
Microsoft windows_2000_professional
References
BugTraq: 8833
CVE: CVE-2003-0662
URL: http://www.microsoft.com/technet/security/Bulletin/MS03-042.mspx
Short Name
POP3:OUTLOOK:TROUBLE-QUERY-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
POP3
Keywords
CVE-2003-0662 Local Outlook Overflow Pane Preview Query Troubleshooter bid:8833
Release Date
10/23/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3