[Esd-l] Outlook 2003 exploit using active scripting.

John D. Hardin jhardin at impsec.org
Thu May 20 06:39:10 PDT 2004


On Wed, 19 May 2004, Smart,Dan wrote:

> John:
> Do you have a suggestion on how to handle this new Outlook 2003
> vulnerability?  See:
> 
> http://secunia.com/advisories/11629/

It uses an "embedded OLE object" so it sounds like it should be
defanged unless you have set SECURITY_TRUST_HTML, but without seeing
a sample I can't be sure.

Also, HTML file attachments are considered executable by default and
will be mangled.

--
 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org    FALaholic #11174    pgpk -a jhardin at impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  Bush? Kerry? I'm so sick of our elections always being "choose the
  lesser of two evils."
-----------------------------------------------------------------------
   166 days until the Presidential Election

