Intrusion Prevention

MS.Exchange.Mail.Calender.Buffer.Overflow

Description

This indicates an attempt to exploit a remote-access vulnerability that affects Microsoft Exchange Server.
A remote attacker can exploit the vulnerability by sending an email with a meeting request containing specially crafted vCal and iCal calendar data. As a result, the attacker may be able to take complete control of a vulnerable system.

Affected Products

Microsoft Exchange Server 2003 SP 1
Microsoft Exchange Server 2003 SP 2
Microsoft Exchange Server 2000 with the Exchange 2000 Post-SP 3 Update Rollup of August 2004(870540)

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available from the vendor's web site:
http://www.microsoft.com/technet/security/bulletin/ms06-019.mspx

CVE References

CVE-2006-0027