MS.Outlook.VEVENT.Record.Remote.Code.Execution
Description
This indicates a possible exploit of a remote code execution vulnerability in Microsoft Outlook.
This vulnerability is due to a memory corruption error when processing specially crafted ".iCal" meeting requests and parsing malformed VEVENT requests. It could be exploited by attackers to execute arbitrary commands.
Affected Products
Microsoft Office 2000 Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 2
Microsoft Outlook 2000
Microsoft Outlook 2002
Microsoft Outlook 2003
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch, available from the web site:
http://www.microsoft.com/technet/security/Bulletin/MS07-003.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |