MS06-003

solata10yahoo.com
Date: Mon Jan 16 2006 - 10:57:25 CST


We all heard about the new vulnerability in MS Outlook, but not much detailed information is available.

The vulnerability is caused due to a boundary error when decoding the Transport Neutral Encapsulation Format (TNEF) MIME attachment. This can be exploited to execute arbitrary code when the user opens or previews a specially crafted TNEF email message or when the Microsoft Exchange Server Information Store processes the message.

This is all we've been given, and for details we'll have to wait another 3 months.

So I was thinking about getting some more info on this bug. Seems the vulnerable code was inside OUTLLIBR.DLL, since this is the only DLL that was updated after applying the MS security patch. I've been debugging it a little, but couldn't find anything useful. Also, I was looking at the TNEF specifications, and I didn't find anything suspicious.

http://msdn.microsoft.com/library/en-us/mapi/html/16cc2cac-7662-415e-aab8-fb1044aeb14f.asp?frame=true
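
The advisory text quoted in the post says only that the flaw is a boundary error in TNEF decoding. As an added example (not part of the original post, and not a reconstruction of the MS06-003 bug), the following walks a TNEF attribute stream and flags any attribute whose declared length exceeds the bytes actually present, which is the kind of check a mail gateway or triage script can apply to a `winmail.dat` attachment. The helper names and the sample streams are constructed for illustration.

```python
import struct

TNEF_SIGNATURE = 0x223E9F78  # magic number, stored little-endian at offset 0

def make_attr(level, attr_id, data, declared_len=None):
    """Build one attribute record; declared_len lets a sample lie about its size."""
    length = len(data) if declared_len is None else declared_len
    return (struct.pack("<BII", level, attr_id, length) + data
            + struct.pack("<H", sum(data) & 0xFFFF))

def walk_tnef(buf):
    """Walk a TNEF stream; return (attributes, problems)."""
    attrs, problems = [], []
    if len(buf) < 6:
        return attrs, ["truncated header"]
    sig, _key = struct.unpack_from("<IH", buf, 0)
    if sig != TNEF_SIGNATURE:
        return attrs, ["bad signature 0x%08x" % sig]
    pos = 6
    while pos < len(buf):
        if len(buf) - pos < 9:  # level (1) + attribute id (4) + length (4)
            problems.append("truncated attribute header at offset %d" % pos)
            break
        level, attr_id, length = struct.unpack_from("<BII", buf, pos)
        start = pos + 9
        remaining = len(buf) - start
        # Compare the declared length with the bytes actually present
        # (data plus 2-byte checksum) before touching the data.
        if length + 2 > remaining:
            problems.append("attribute 0x%08x at offset %d declares %d bytes, %d remain"
                            % (attr_id, pos, length, remaining))
            break
        data = buf[start:start + length]
        (stored,) = struct.unpack_from("<H", buf, start + length)
        if stored != sum(data) & 0xFFFF:
            problems.append("checksum mismatch in attribute 0x%08x" % attr_id)
        attrs.append((level, attr_id, length))
        pos = start + length + 2
    return attrs, problems

# Constructed samples (not taken from any real message).
HEADER = struct.pack("<IH", TNEF_SIGNATURE, 0x0001)
GOOD = (HEADER + make_attr(1, 0x00089006, struct.pack("<I", 0x00010000))
        + make_attr(1, 0x00018004, b"hello\x00"))
BAD = HEADER + make_attr(1, 0x00018004, b"hello\x00", declared_len=0xFFFF)

if __name__ == "__main__":
    for name, sample in (("good", GOOD), ("bad", BAD)):
        print(name, walk_tnef(sample))
```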