SMTP: Microsoft Outlook Express Certificate Overflow
This signature detects attempts to exploit a known vulnerability against Microsoft Outlook Express, which ships with Internet Explorer 5.5. Attackers can send a maliciously crafted email to a host; if the host opens the email in Outlook Express, attackers can execute arbitrary code on the host.
Extended Description
Microsoft Outlook Express contains an unchecked buffer in the code that generates warning messages when certain error conditions associated with digital signatures are encountered. Execution of arbitrary code in the security context of the current user is possible. Microsoft has verified that this vulnerability exists in Outlook Express 5.5 and 6.0. Earlier versions may be affected, however, they are no longer supported by Microsoft.
Affected Products
Microsoft outlook_express
Short Name
SMTP:OVERFLOW:OUTLOOK-CERT-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SMTP
Keywords
CVE-2002-1179 Certificate Express Microsoft Outlook Overflow bid:5944
Release Date
04/22/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5