MS02-058: unchecked buffer in Outlook Express S/MIME parsing could enable system compromise. (Microsoft).(Brief Article)
Information Systems Auditor, December, 2002
Issue
To allow for verification of the authenticity of mail messages, Microsoft Outlook Express supports digital signing of messages through S/MIME.
A buffer overrun vulnerability lies in the code that generates the warning message when a particular error condition associated with digital signatures occurs.
By creating a digitally signed e-mail and editing it to introduce specific data, then sending it to other users, attackers could cause either of two effects to occur if the recipients opened or previewed it.
In the less serious case, the attackers could cause the e-mail client to fail. If this happened, the recipients could resume normal operation by restarting the e-mail client and deleting the offending mail.
In the...
- 5 Rules for Immediate Annuities
- Death in the Family: 12 Things to Do Now
- Dumbest Things You Do With Your Money
- 6 Online Networking Mistakes to Avoid
- 401(k) Mistakes to Avoid
- 5 Economic Scenarios to Keep You Up at Night
- The Real ‘Best Places to Retire’
- Best Credit Cards for You
- 12 Tough Questions to Ask Your Parents
- The Real ‘Best Colleges’
- Home Buyer Tax Credit: How to Cash In
- Why You Shouldn't Bash Cash
- 8 Phony 'Bargains' and Better Alternatives
- Danger: 3 Debit Card Scams to Avoid
- 6 Myths About Gas Mileage
- 29 Fees We Hate Most
- Quick and Easy Ways to Boost Returns
- Best Stocks to Buy Now
- Lower Your Taxes: 10 Moves to Make Now
- New Jobs: 8 Lessons from Real-Life Career Switchers
- The New Job Market: Who Wins and Who Loses?
- Health Care Reform's Public Option: Everything You Need to Know
- Volunteer Work When Unemployed: Should You Work for Free?
- Whose Recovery Is This?
- Long-Term-Care Insurance: 4 Biggest Risks to Avoid
Most Recent Business Articles
- Multiple criteria evaluation and optimization of transportation systems
- Multi-criteria analysis procedure for sustainable mobility evaluation in urban areas
- A two-leveled multi-objective symbiotic evolutionary algorithm for the hub and spoke location problem
- Multi-criteria analysis for evaluating the impacts of intelligent speed adaptation
- The development of Taiwan arterial traffic-adaptive signal control system and its field test: a Taiwan experience
Most Recent Business Publications
Most Popular Business Articles
- 7 tips for effective listening: productive listening does not occur naturally. It requires hard work and practice - Back To Basics - effective listening is a crucial skill for internal auditors
- LIFO vs. FIFO: a return to the basics
- FAS 109: a primer for non-accountants - Financial Accounting Standards Board's "Statement 109: Accounting for Income Taxes"
- Design a commission plan that drives sales - Sales Commissions
- Too Young to Rent a Car? - 25-years-old the minimum age for car renting - Brief Article
Presented by American Express