CVE-2010-0266

Name of the Vulnerable Software and Affected Versions Microsoft Office Outlook versions 2002 SP3, 2003 SP3, and 2007 SP1 and SP2

Description A remote code execution issue exists in the way Microsoft Office Outlook verifies attachments in specially crafted e-mail messages. This allows attackers to potentially execute arbitrary code via crafted messages. If successfully exploited, an attacker could take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Office Outlook 2002 SP3, update to a version that properly verifies e-mail attachments. For Microsoft Office Outlook 2003 SP3, update to a version that properly verifies e-mail attachments. For Microsoft Office Outlook 2007 SP1 and SP2, update to a version that properly verifies e-mail attachments.