Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1305

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-1305
Last Modified 27 Sep 2011 12:00:00
Published 31 Dec 2006 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-1305

Summary

Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers.

Vulnerable Systems

Application

  • Microsoft Office 2000

  • Microsoft Office 2003

  • Microsoft Office Xp

  • Microsoft Outlook 2000

  • Microsoft Outlook 2002

  • Microsoft Outlook 2003


References

CERT - TA07-009A

CERT-VN - VU#617436

BID - 21937

MS - MS07-003

SECTRACK - 1017488

SECUNIA - 23674

VUPEN - ADV-2007-0104

HP - HPSBST02184

HP - SSRT071296

OSVDB - 31253

MISC - http://osvdb.org/ref/24/24081-outlook1.txt

MLIST - [funsec] 20060308 DOSing Outlook 2003

MISC - http://blogs.securiteam.com/index.php/archives/347


Last Updated: 27 May 2016 10:42:00