ID CVE-2010-0816
Summary Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote e-mail servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) POP3 or (2) IMAP response, as demonstrated by a certain +OK response on TCP port 110, aka "Outlook Express and Windows Mail Integer Overflow Vulnerability."
References
Vulnerable Configurations
  • Microsoft outlook_express 5.5 sp2
    cpe:2.3:a:microsoft:outlook_express:5.5:sp2
  • cpe:2.3:a:microsoft:outlook_express:6.0:sp1
    cpe:2.3:a:microsoft:outlook_express:6.0:sp1
  • Microsoft Windows 2000 Service Pack 4
    cpe:2.3:o:microsoft:windows_2000:-:sp4
  • Microsoft outlook_express 6.0
    cpe:2.3:a:microsoft:outlook_express:6.0
  • cpe:2.3:a:microsoft:windows_live_mail
    cpe:2.3:a:microsoft:windows_live_mail
  • Microsoft Windows XP Service Pack 2
    cpe:2.3:o:microsoft:windows_xp:-:sp2
  • Microsoft Windows XP Service Pack 3
    cpe:2.3:o:microsoft:windows_xp:-:sp3
  • Microsoft outlook_express 6.0
    cpe:2.3:a:microsoft:outlook_express:6.0
  • cpe:2.3:a:microsoft:windows_live_mail
    cpe:2.3:a:microsoft:windows_live_mail
  • Microsoft Windows XP Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_xp:-:sp2:x64
  • Microsoft outlook_express 6.0
    cpe:2.3:a:microsoft:outlook_express:6.0
  • Microsoft Windows 2003 Server Service Pack 2
    cpe:2.3:o:microsoft:windows_2003_server:-:sp2
  • Microsoft Windows 2003 Server Service Pack 2 Itanium
    cpe:2.3:o:microsoft:windows_2003_server:-:sp2:itanium
  • Microsoft Windows Server 2003 Service Pack 2
    cpe:2.3:o:microsoft:windows_server_2003:-:sp2
  • cpe:2.3:a:microsoft:windows_live_mail
    cpe:2.3:a:microsoft:windows_live_mail
  • Microsoft Windows Mail
    cpe:2.3:a:microsoft:windows_mail
  • cpe:2.3:o:microsoft:windows_server_2008:-:itanium
    cpe:2.3:o:microsoft:windows_server_2008:-:itanium
  • cpe:2.3:o:microsoft:windows_server_2008:-:x32
    cpe:2.3:o:microsoft:windows_server_2008:-:x32
  • cpe:2.3:o:microsoft:windows_server_2008:-:x64
    cpe:2.3:o:microsoft:windows_server_2008:-:x64
  • Windows Server 2008 Service Pack 2 for 32-bit systems
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x32
  • Microsoft Windows Server 2008 Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64
  • Microsoft Windows Server 2008 Itanium
    cpe:2.3:o:microsoft:windows_server_2008:-:-:itanium
  • Microsoft Windows Server 2008 x64 (64-bit) (intial release)
    cpe:2.3:o:microsoft:windows_server_2008:-:-:x64
  • Microsoft Windows Server 2008 (gold) for Itanium-Based Systems
    cpe:2.3:o:microsoft:windows_server_2008:-:gold:itanium
  • Microsoft Windows Server 2008 Service Pack 2 for Itanium-Based Systems
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium
  • Microsoft Windows Server 2008 Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:x64
  • Microsoft Windows Vista Service Pack 1 (initial release)
    cpe:2.3:o:microsoft:windows_vista:-:sp1
  • Microsoft Windows Vista Service Pack 1 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_vista:-:sp1:x64
  • Microsoft Windows Vista Service Pack 2
    cpe:2.3:o:microsoft:windows_vista:-:sp2
  • Microsoft Windows Vista Service Pack 2 x64 (64-bit)
    cpe:2.3:o:microsoft:windows_vista:-:sp2:x64
  • Microsoft Windows Vista Service Pack 1 (initial release)
    cpe:2.3:o:microsoft:windows_vista:-:sp1
  • Microsoft Windows Vista Service Pack 2
    cpe:2.3:o:microsoft:windows_vista:-:sp2
  • cpe:2.3:a:microsoft:windows_live_mail
    cpe:2.3:a:microsoft:windows_live_mail
  • Microsoft Windows Mail
    cpe:2.3:a:microsoft:windows_mail
  • Microsoft Windows 7
    cpe:2.3:o:microsoft:windows_7
  • Windows Server 2008 R2 for Itanium-based Systems
    cpe:2.3:o:microsoft:windows_server_2008:r2:-:itanium
  • Windows Server 2008 R2 for 32-bit Systems
    cpe:2.3:o:microsoft:windows_server_2008:r2:-:x64
CVSS
Base: 9.3 (as of 12-05-2010 - 15:45)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description Microsoft Windows Outlook Express and Windows Mail Integer Overflow. CVE-2010-0816. Dos exploit for windows platform
id EDB-ID:12564
last seen 2016-02-01
modified 2010-05-11
published 2010-05-11
reporter Francis Provencher
source https://www.exploit-db.com/download/12564/
title Microsoft Windows Outlook Express and Windows Mail Integer Overflow
msbulletin via4
bulletin_id MS10-030
bulletin_url
date 2010-05-11T00:00:00
impact Remote Code Execution
knowledgebase_id 978542
knowledgebase_url
severity Critical
title Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution
nessus via4
NASL family Windows : Microsoft Bulletins
NASL id SMB_NT_MS10-030.NASL
description The remote host is running a version of Microsoft Outlook Express / Windows Mail that contains a flaw that could be used to cause an integer overflow, resulting in remote code execution. To exploit this flaw, an attacker would need a victim to connect to a mail server under their control and send malicious responses to the victim's email client.
last seen 2019-02-21
modified 2018-11-15
plugin id 46312
published 2010-05-11
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=46312
title MS10-030: Vulnerability in Outlook Express and Windows Mail Could Allow Remote Code Execution (978542)
oval via4
accepted 2014-08-18T04:06:18.815-04:00
class vulnerability
contributors
  • name Dragos Prisaca
    organization Symantec Corporation
  • name Dragos Prisaca
    organization Symantec Corporation
  • name Chandan S
    organization SecPod Technologies
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Windows 2000 is installed
    oval oval:org.mitre.oval:def:85
  • comment Microsoft Outlook Express 5.5 SP2 is installed.
    oval oval:org.mitre.oval:def:504
  • comment Microsoft Windows 2000 is installed
    oval oval:org.mitre.oval:def:85
  • comment Microsoft Outlook Express 6 SP1 is installed.
    oval oval:org.mitre.oval:def:488
  • comment Microsoft Windows XP (32-bit) is installed
    oval oval:org.mitre.oval:def:1353
  • comment Microsoft Outlook Express 6.0 for Windows XP/2003 is installed
    oval oval:org.mitre.oval:def:208
  • comment Microsoft Windows XP (32-bit) is installed
    oval oval:org.mitre.oval:def:1353
  • comment Microsoft Outlook Express 6.0 for Windows XP/2003 is installed
    oval oval:org.mitre.oval:def:208
  • comment Microsoft Windows Server 2003 (32-bit) is installed
    oval oval:org.mitre.oval:def:1870
  • comment Microsoft Windows Server 2003 (x64) is installed
    oval oval:org.mitre.oval:def:730
  • comment Microsoft Windows Server 2003 (ia64) Gold is installed
    oval oval:org.mitre.oval:def:396
  • comment Microsoft Windows XP x64 is installed
    oval oval:org.mitre.oval:def:15247
  • comment Microsoft Outlook Express 6.0 for Windows XP/2003 is installed
    oval oval:org.mitre.oval:def:208
  • comment Microsoft Windows Vista (32-bit) is installed
    oval oval:org.mitre.oval:def:1282
  • comment Microsoft Windows Vista x64 Edition is installed
    oval oval:org.mitre.oval:def:2041
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Windows Mail is installed
    oval oval:org.mitre.oval:def:2058
  • comment Microsoft Windows Vista (32-bit) is installed
    oval oval:org.mitre.oval:def:1282
  • comment Microsoft Windows Vista x64 Edition is installed
    oval oval:org.mitre.oval:def:2041
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Windows Mail is installed
    oval oval:org.mitre.oval:def:2058
  • comment Microsoft Windows Vista (32-bit) is installed
    oval oval:org.mitre.oval:def:1282
  • comment Microsoft Windows Vista x64 Edition is installed
    oval oval:org.mitre.oval:def:2041
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Windows Mail is installed
    oval oval:org.mitre.oval:def:2058
  • comment Microsoft Windows Vista (32-bit) is installed
    oval oval:org.mitre.oval:def:1282
  • comment Microsoft Windows Vista x64 Edition is installed
    oval oval:org.mitre.oval:def:2041
  • comment Microsoft Windows Server 2008 (32-bit) is installed
    oval oval:org.mitre.oval:def:4870
  • comment Microsoft Windows Server 2008 (64-bit) is installed
    oval oval:org.mitre.oval:def:5356
  • comment Microsoft Windows Mail is installed
    oval oval:org.mitre.oval:def:2058
  • comment Microsoft Windows Server 2008 (ia-64) is installed
    oval oval:org.mitre.oval:def:5667
  • comment Microsoft Windows Mail is installed
    oval oval:org.mitre.oval:def:2058
  • comment Microsoft Windows Server 2008 (ia-64) is installed
    oval oval:org.mitre.oval:def:5667
  • comment Microsoft Windows Mail is installed
    oval oval:org.mitre.oval:def:2058
  • comment Microsoft Windows Server 2008 (ia-64) is installed
    oval oval:org.mitre.oval:def:5667
  • comment Microsoft Windows Mail is installed
    oval oval:org.mitre.oval:def:2058
  • comment Microsoft Windows Server 2008 (ia-64) is installed
    oval oval:org.mitre.oval:def:5667
  • comment Microsoft Windows Mail is installed
    oval oval:org.mitre.oval:def:2058
  • comment Microsoft Windows 7 (32-bit) is installed
    oval oval:org.mitre.oval:def:6165
  • comment Microsoft Windows 7 x64 Edition is installed
    oval oval:org.mitre.oval:def:5950
  • comment Microsoft Windows Server 2008 R2 x64 Edition is installed
    oval oval:org.mitre.oval:def:6438
  • comment Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
    oval oval:org.mitre.oval:def:5954
  • comment Microsoft Windows Mail is installed
    oval oval:org.mitre.oval:def:2058
  • comment Microsoft Windows 7 (32-bit) is installed
    oval oval:org.mitre.oval:def:6165
  • comment Microsoft Windows 7 x64 Edition is installed
    oval oval:org.mitre.oval:def:5950
  • comment Microsoft Windows Server 2008 R2 x64 Edition is installed
    oval oval:org.mitre.oval:def:6438
  • comment Microsoft Windows Server 2008 R2 Itanium-Based Edition is installed
    oval oval:org.mitre.oval:def:5954
  • comment Microsoft Windows Mail is installed
    oval oval:org.mitre.oval:def:2058
description Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote e-mail servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) POP3 or (2) IMAP response, as demonstrated by a certain +OK response on TCP port 110, aka "Outlook Express and Windows Mail Integer Overflow Vulnerability."
family windows
id oval:org.mitre.oval:def:6734
status accepted
submitted 2010-05-11T13:00:00
title Outlook Express and Windows Mail Integer Overflow Vulnerability
version 76
packetstorm via4
data source https://packetstormsecurity.com/files/download/89398/moe-overflow.txt
id PACKETSTORM:89398
last seen 2016-12-05
published 2010-05-12
reporter Francis Provencher
source https://packetstormsecurity.com/files/89398/Microsoft-Windows-Outlook-Express-And-Windows-Mail-Integer-Overflow.html
title Microsoft Windows Outlook Express And Windows Mail Integer Overflow
refmap via4
bid 40052
bugtraq 20100511 {PRL} Microsoft Windows Outlook Express and Windows Mail Integer Overflow
cert TA10-131A
misc http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=13&Itemid=13
ms MS10-030
Last major update 21-08-2010 - 01:40
Published 12-05-2010 - 07:46
Last modified 26-02-2019 - 09:04
Back to Top