Signature Detail

SMTP: Microsoft Exchange TNEF Attachment Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Microsoft Exchange Server. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of System.

Extended Description

Microsoft Exchange Server is prone to a remote code-execution vulnerability. Remote attackers may exploit this issue by sending maliciously constructed TNEF-encoded email data to vulnerable servers. This issue will be triggered when a user views or previews the malicious email. Successfully exploiting this issue would allow the attacker to execute arbitrary code on an affected computer in the context of the affected application.

Affected Products

• Avaya Messaging Application Server MM 1.1
• Avaya Messaging Application Server MM 2.0
• Avaya Messaging Application Server MM 3.0
• Avaya Messaging Application Server MM 3.1
• Avaya Messaging Application Server
• Microsoft Exchange Server 2000 SP1
• Microsoft Exchange Server 2000 SP2
• Microsoft Exchange Server 2000 SP3
• Microsoft Exchange Server 2000
• Microsoft Exchange Server 2003 SP1
• Microsoft Exchange Server 2003 SP2
• Microsoft Exchange Server 2003
• Microsoft Exchange Server 2007 SP 1
• Microsoft Exchange Server 2007
• Microsoft Exchange Server MAPI Client 1.2.1

References

• CVE: CVE-2009-0098