Re: AppleScript and Email clients
Re: AppleScript and Email clients
- Subject: Re: AppleScript and Email clients
- From: John W Baxter <email@hidden>
- Date: Mon, 7 Jan 2002 22:52:30 -0800
At 20:39 -0700 1/7/2002, garbanzito wrote:
>
perhaps
>
something like an extra-long or malformed header could put
>
the email client into an error state which could be
>
exploited.
It has been, on Windows (I don't know of a Mac exploit).
A carefully crafted over-length Date: header need only be noticed on the
Exchange server by MS Outlook to trigger a buffer overflow and execution of
arbitrary code. [The user need not take any action or even know the
message has arrived on the server.]
MS Outlook Express was a *little* less vulnerable...the user had to open a
mailbox window on the mailbox containing the downloaded message for the
long Date: header exploit to happen.
Both products have been repaired (but what fractions of the Outlooks and
Outlook Expresses out there are up-to-date?).
--John
--
John Baxter email@hidden Port Ludlow, WA, USA