PT-2007-5124 · Microsoft · Windows Mail+1
Published
2007-10-09
·
Updated
2019-10-09
·
CVE-2007-3897
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Microsoft Outlook Express versions 6 and earlier
Windows Mail for Vista
Description:
A heap-based buffer overflow issue allows remote Network News Transfer Protocol (NNTP) servers to execute arbitrary code via long NNTP responses that trigger memory corruption.
Recommendations:
For Microsoft Outlook Express versions 6 and earlier, consider disabling access to NNTP servers until a patch is available.
For Windows Mail for Vista, restrict the use of NNTP protocol to minimize the risk of exploitation.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Outlook Express
Windows Mail