Suggest A Fix PC Support Forums > MS Alert: OE parsing vunerability

Full Version: MS Alert: OE parsing vunerability

Suggest A Fix PC Support Forums > Security > Security News and Warnings

Interceptor

Jul 30 2002, 11:45 AM

A vulnerability has been reported in Microsoft Outlook Express 6. A remote user can send e-mail to a target user and cause an executable file to be installed on a target computer silently. Once installed, the file can be executed.

HTML and scripting code embedded within XML style sheet files and associated with IE will generate an error in the XML parser but will execute the HTML and scripting. The code opened from within the TIF folder by IE can cause the file to be executed.

There was no solution available from Microsoft at this time.

Reported by Malware.com

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.