Signature Detail

HTTP: Outlook Local File Execution

This signature detects a malicious link contained in a HTML document. Microsoft Outlook 2003 is vulnerable; other Outlook versions can also be affected. Attackers can embed a maliciously crafted link in an HTML document; when the HTML document is viewed, the link executes a file in the local user profile directory.

Extended Description

Microsoft Outlook and Outlook Express are reported to be prone to store various files, which may contain attacker-supplied content, in predictable locations. This may present a security risk because many known (and potential) Internet Explorer vulnerabilities depend on the attacker being able to directly reference malicious content on a victim system. Given both the ability to place such content on the file system and reference it specifically by location, exploitation of many browser-based vulnerabilities becomes possible. Other securiy consequences also exist, such as disclosure of Address Book contents.

Affected Products

• Microsoft Outlook 2000 SP2
• Microsoft Outlook 2000 SP3
• Microsoft Outlook 2000
• Microsoft Outlook 2002 SP1
• Microsoft Outlook 2002 SP2
• Microsoft Outlook 2002
• Microsoft Outlook 2003
• Microsoft Outlook Express 4.0
• Microsoft Outlook Express 4.0.1 SP2
• Microsoft Outlook Express 4.27.3110
• Microsoft Outlook Express 4.72.2106
• Microsoft Outlook Express 4.72.3120
• Microsoft Outlook Express 4.72.3612
• Microsoft Outlook Express 5.0
• Microsoft Outlook Express 5.0.1
• Microsoft Outlook Express 5.5
• Microsoft Outlook Express 6.0

References

• BugTraq: 9709
• URL: http://www.security.nnov.ru/search/document.asp?docid=6184