Signature Detail

SMTP: URL With Local Reference

This signature detects attempts to exploit a known vulnerability against Windows Mail Client. Versions running on Windows Vista are vulnerable. Attackers can execute code in the context of the user logged in.

Extended Description

Microsoft Windows Vista Windows Mail is prone to a local file-execution vulnerability due to a design error. An attackers may exploit this issue to execute local files. The attacker must entice a victim into opening a maliciously crafted link using the affected application. The vendor reports this issue can also be exploited through use of UNC navigation to execute arbitrary remote code. This may facilitate a remote compromise of the affected computer.

Affected Products

• Microsoft Windows Mail
• Microsoft Windows Vista Business
• Microsoft Windows Vista Enterprise
• Microsoft Windows Vista Home Basic
• Microsoft Windows Vista Home Premium
• Microsoft Windows Vista Ultimate

References

• BugTraq: 23103
• CVE: CVE-2007-1658
• URL: http://securitytracker.com/alerts/2007/Mar/1017816.html
• URL: http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/053143.html