PT-2007-5124 · Microsoft · Windows Mail+1
Publicado
2007-10-09
·
Atualizado
2019-10-09
·
CVE-2007-3897
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Microsoft Outlook Express versions 6 and earlier
Windows Mail for Vista
Description:
A heap-based buffer overflow issue allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
Recommendations:
For Microsoft Outlook Express versions 6 and earlier, consider disabling access to NNTP servers until a patch is available.
For Windows Mail for Vista, restrict the use of NNTP protocol to minimize the risk of exploitation.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Outlook Express
Windows Mail