CERTA-2004-AVI-128

Vulnerability from certfr_avis

A vulnerability in Outlook Express allows a malicious user to execute arbitrary code on the vulnerable machine.

Description

MHTML is the MIME Encapsulation of Aggregate HTML Documents format, which defines the MIME structure used to send an HTML document in an e-mail message.

A vulnerability in the handling of MHTML pages allows a malicious user, via an e-mail message or a web page, to execute arbitrary code in the Local Machine security zone with the privileges of the logged-on user.

Temporary workaround

Configure Outlook Express to read e-mail messages in plain-text format.

Solution

Refer to the vendor's security bulletin to obtain the patches:

http://www.microsoft.com/technet/security/bulletin/ms04-013.mspx
Impacted products

Vendor     Product  Description
Microsoft  N/A      Microsoft Outlook Express 6 SP1
Microsoft  N/A      Microsoft Outlook Express 6
Microsoft  Windows  Microsoft Outlook Express 6 on Windows Server 2003 (64-bit)
Microsoft  Windows  Microsoft Outlook Express 6 on Windows Server 2003
Microsoft  N/A      Microsoft Outlook Express 6 SP1 (64-bit)
Microsoft  N/A      Microsoft Outlook Express 5.5 SP2

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Outlook Express 6 SP1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Outlook Express 6 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Outlook Express 6 sur Windows Server 2003 (64 bits).",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Outlook Express 6 sur Windows Server 2003 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Outlook Express 6 SP1 (64 bits) ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Outlook Express 5.5 SP2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nMHTML est le format MIME Encapsulation of Aggregate HTML Documents qui\nd\u00e9fini la structure MIME permettant d\u0027envoyer un document HTML dans un\nmessage \u00e9l\u00e9ctronique.\n\nUne vuln\u00e9rabilit\u00e9 dans la gestion des pages MHTML permet \u00e0 un\nutilisateur mal intentionn\u00e9, via un courrier \u00e9l\u00e9ctronique ou une page\nweb, d\u0027ex\u00e9cuter du code arbitraire dans la zone de s\u00e9curit\u00e9 de la\nmachine locale avec les privil\u00e8ges de l\u0027utilisateur connect\u00e9.\n\n## Contournement provisoire\n\nConfigurer Outlook Express pour une lecture des messages \u00e9l\u00e9ctroniques\nau format texte.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs :\n\n    http://www.microsoft.com/technet/security/bulletin/ms04-013.mspx\n",
  "cves": [],
  "links": [],
  "reference": "CERTA-2004-AVI-128",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2004-04-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 pr\u00e9sente dans Outlook Express permet \u00e0 un utilisateur\nmalicieux d\u0027ex\u00e9cuter du code arbitraire sur la machine vuln\u00e9rable.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Outlook Express",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis de s\u00e9curit\u00e9 Microsoft MS04-O13",
      "url": null
    }
  ]
}

