Microsoft Outlook "mailto:" URI Handling Vulnerability

SA29320

CVE-2008-0110

11 Mar 2008

12 Mar 2008

Highly Critical

Vendor Patch

Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2007
Microsoft Office XP
Microsoft Outlook 2000
Microsoft Outlook 2002
Microsoft Outlook 2003
Microsoft Outlook 2007

From remote

System access

This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

A vulnerability has been reported in Microsoft Outlook, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error when handling a specially crafted "mailto:" URI passed from a web browser. This can be exploited to pass extra command line switches to Outlook.

Successful exploitation allows execution of arbitrary code when a user e.g. visits a malicious website.

Apply patches.

Outlook 2000 SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=714a49cd-5bca-4719-96a1-e1077f279533

Outlook 2002 SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=59853687-d885-4059-9460-ee403855dbd8

Outlook 2003 SP2:
http://www.microsoft.com/downloads/details.aspx?FamilyId=fccc7c4c-8496-4682-bd46-6590503c1bf2

Outlook 2003 SP3:
http://www.microsoft.com/downloads/details.aspx?FamilyId=fccc7c4c-8496-4682-bd46-6590503c1bf2

Outlook 2007:
http://www.microsoft.com/downloads/details.aspx?FamilyId=4e2baf00-88eb-4eb6-961a-54245b363c21

Greg MacManus, iDefense Labs.

MS08-015 (KB949031):
http://www.microsoft.com/technet/security/Bulletin/MS08-015.mspx

iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=673