Microsoft Outlook Recipient ActiveX Control Lets Remote Users Deny Service

http://www.securitytracker.com/alerts/2006/Dec/1017397.html


A vulnerability was reported in Microsoft Outlook. A remote user can cause denial of service conditions.


A remote user can create specially crafted HTML that, when loaded by the target user, will invoke a Microsoft Outlook ActiveX component (Outlook Recipient Control) and cause Internet Explorer to hang.


shinnai reported this vulnerability.


The original advisory and a demonstration exploit is available at:


http://shinnai.altervista.org/viewtopic.php?id=41&t_id=8
Impact:  A remote user can create HTML that, when loaded by the target user, will cause Internet Explorer to hang.
Solution:  No solution was available at the time of this entry.

Leave a Reply