Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Ani cursor exploits against Microsoft E-mail clients - CVE-2007-1765 - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Ani cursor exploits against Microsoft E-mail clients - CVE-2007-1765

A short overview of how the different email clients (in the supported list of Microsoft) are reacting to the animated cursor vulnerability (CVE-2007-1765) depending on the actions and settings of the email client.

The surprising element is that read in plain text mode makes some of the clients more vulnerable and actually only offers real added value -for this vulnerability- for Outlook 2003.

  Default Settings Read in
plain text mode
Reply/Forward with
"Read in Plain Text" set
Windows XP Outlook Express preview
Vulnerable(*) Vulnerable Vulnerable
Windows XP Outlook Express open Vulnerable(*) Vulnerable Vulnerable
Vista Mail preview Vulnerable   Vulnerable
Vista Mail open Vulnerable   Vulnerable
Outlook 2003 preview Vulnerable    
Outlook 2003 open Vulnerable    
Outlook 2007 preview      
Outlook 2007 open      

(*) It does interact with the user before being vulnerable, but we all know what typical users would do.

--
Swa Frantzen -- NET2S

Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!