A vulnerability has been reported in Microsoft Outlook Express, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by a boundary error in the parsing of NNTP responses when Outlook Express is used as a newsgroup reader. This can be exploited to cause a buffer overflow via a malicious newsgroup server.
Successful exploitation requires that a user queries a malicious newsgroup server for news.
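As an added illustration of the bug class described above (not code from Microsoft, iDEFENSE or Secunia, and not a reconstruction of the flaw itself): a client-side parser for the initial NNTP response line that treats the server as untrusted and checks every length before copying into a fixed buffer. The function and struct names and the 128-byte text buffer are assumptions; the 512-octet line limit is the one RFC 3977 sets for an initial response line.

```c
#include <stdio.h>
#include <string.h>

#define NNTP_MAX_LINE 512  /* RFC 3977: initial response line, CRLF included */
#define NNTP_TEXT_MAX 128  /* assumed size of the client's fixed text buffer */

struct nntp_status {               /* hypothetical client-side structure */
    int  code;                     /* three-digit status code, e.g. 211 */
    char text[NNTP_TEXT_MAX];      /* NUL-terminated text after the code */
};

/* Parse one response line of `len` bytes received from an untrusted server.
 * Returns 0 on success, -1 if the line is malformed or does not fit. */
int nntp_parse_status(const char *line, size_t len, struct nntp_status *out)
{
    size_t i, text_len;

    if (line == NULL || out == NULL || len < 5 || len > NNTP_MAX_LINE)
        return -1;                 /* too short for "ddd\r\n" or over the limit */
    if (line[len - 2] != '\r' || line[len - 1] != '\n')
        return -1;                 /* must be terminated by CRLF */
    len -= 2;
    for (i = 0; i < 3; i++)
        if (line[i] < '0' || line[i] > '9')
            return -1;             /* status code must be three digits */
    out->code = (line[0] - '0') * 100 + (line[1] - '0') * 10 + (line[2] - '0');
    out->text[0] = '\0';
    if (len == 3) return 0;        /* code only, no text */
    if (line[3] != ' ') return -1;
    text_len = len - 4;
    /* The boundary check: the server chooses text_len, the client owns the buffer. */
    if (text_len >= sizeof out->text)
        return -1;
    for (i = 4; i < len; i++)
        if (line[i] == '\0' || line[i] == '\r' || line[i] == '\n')
            return -1;             /* no embedded terminators inside the text */
    memcpy(out->text, line + 4, text_len);
    out->text[text_len] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed sample line, not captured from a real server. */
    const char ok[] = "211 1234 3000234 3002322 misc.test\r\n";
    struct nntp_status st;
    if (nntp_parse_status(ok, sizeof ok - 1, &st) == 0) printf("%d [%s]\n", st.code, st.text);
    return 0;
}
```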
SOFTWARE:
Microsoft Outlook Express 6
Microsoft Outlook Express 5.5
SOLUTION:
Apply patches.
Outlook Express 5.5 SP2 on Windows 2000 (requires SP3 or SP4):
http://www.microsoft.com/downloads/details.aspx?FamilyId=a6932151-2ae2-4c6e-861a-6ff5bde61191
Outlook Express 6 SP1 on Windows 2000 (requires SP3 or SP4) or Windows XP (requires SP1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=89e4d8ee-4d8e-4660-a53d-28502b3d2518
Outlook Express 6 SP1 for Windows XP 64-Bit Edition for Itanium (requires SP1):
http://www.microsoft.com/downloads/details.aspx?FamilyId=b765c0e1-f4e2-495b-aae5-2db3eeaf71bb
Outlook Express 6 for Windows XP 64-Bit Edition Version 2003 for Itanium:
http://www.microsoft.com/downloads/details.aspx?familyid=69901ec1-a11f-4135-9874-3698bcf7c760
Outlook Express 6 for Windows Server 2003 for Itanium-based systems:
http://www.microsoft.com/downloads/details.aspx?familyid=5fc7d68b-92a6-4c03-8d88-b2501aea8da6
Outlook Express 6 for Microsoft Windows Server 2003:
http://www.microsoft.com/downloads/details.aspx?FamilyId=d439eee9-05eb-4ecb-9e86-6259f1acaabb
The vulnerability does not affect the following versions:
* Microsoft Windows Server 2003 Service Pack 1
* Microsoft Windows Server 2003 with SP1 for Itanium-based systems
* Microsoft Windows Server 2003 x64 Edition
* Microsoft Windows XP Professional x64 Edition
* Microsoft Windows XP Service Pack 2
PROVIDED AND/OR DISCOVERED BY:
Discovered by an anonymous person and reported via iDEFENSE.
ORIGINAL ADVISORY:
MS05-030 (KB897715):
http://www.microsoft.com/technet/security/bulletin/ms05-030.mspx
iDEFENSE:
http://idefense.com/application/poi/display?id=263&type=vulnerabilities
VERIFY ADVISORY:
http://secunia.com/advisories/15695/
Secunia Security Advisories
http://community.securityteam.us/article.php/20050615073711975