PROBLEM: Microsoft has identified a buffer overflow vulnerability that occurs when downloading e-mail. The buffer overflow can occur even if the user does not open or preview the e-mail message. PLATFORM: Platforms running the following versions may be vulnerable: Microsoft Outlook Express 4.0, 4.01, 5.0, 5.01. Microsoft Outlook 97, 98, 2000. DAMAGE: A malicious user can cause the system reading the e-mail to crash or to run arbitrary code. SOLUTION: Upgrade the software as directed below.
VULNERABILITY The risk is HIGH. The problem and exploits have been presented ASSESSMENT: in public forums.
Voice: +1 925-422-8193 (7 x 24) FAX: +1 925-423-8002 STU-III: +1 925-423-2604 E-mail: firstname.lastname@example.org World Wide Web: http://www.ciac.org/ http://ciac.llnl.gov (same machine -- either one will work) Anonymous FTP: ftp.ciac.org ciac.llnl.gov (same machine -- either one will work)