CVE-2006-1305

Name of the Vulnerable Software and Affected Versions Microsoft Outlook versions 2000 through 2003

Description A denial of service issue exists due to the processing of e-mail header information. This could allow an attacker to send a malformed e-mail that causes the Outlook client to fail under certain circumstances. The client would continue to fail as long as the malformed e-mail message remains on the e-mail server. The issue may be related to long subject lines or a large number of recipients in To or CC headers.

Recommendations For Microsoft Outlook versions 2000 through 2003, the issue can be mitigated by deleting the malformed e-mail message from the e-mail server, which can be done by an e-mail administrator or by the user via another e-mail client such as Outlook Web Access or Outlook Express.