CVE-2010-0266

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2010-0266 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The original article can be found at: http://www.microsoft.com/technet/security/Bulletin/MS10-045.mspx

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2010-0266

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* Microsoft Office Outlook 2002 SP3
* Microsoft Office Outlook 2003 SP3
* Microsoft Office Outlook 2007 SP1
* Microsoft Office Outlook 2007 SP2

A remote code execution vulnerability affects Outlook because it fails to properly verify attachments that are attached using the ATTACH_BY_REFERENCE value of the PR_ATTACH_METHOD property. An attacker can exploit this issue to run an arbitrary executable in the context of the currently logged-in user when the attachment is opened.

Patch Availability:
Microsoft has released a patch to address this vulnerability under MS10-045. For more information please refer to:
http://www.microsoft.com/technet/security/Bulletin/MS10-045.mspx

CVE Information:
CVE-2010-0266

Disclosure Timeline:
13 Jul 2010 - Published

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus