Last Updated: 2006-05-10 04:10:48 UTC
by Bojan Zdrnja (Version: 1)
The vulnerability can be exploited by crafting a special CAB (Microsoft Cabinet) file with invalid folder count values in the header. This can result in corruption of heap memory which can further lead to execution of arbitrary code on the target machine.
This obviously requires that the inspection of CAB files is enabled, which will surely be the case at least on e-mail gateways (so a special warning for users of PureMessage and MailMonitor packages).
Sophos' advisory and details about updates are available at http://www.sophos.com/support/knowledgebase/article/4934.html.