«

MS07-056 : Outlook Express and Windows Mail NNTP Memory Corruption
Vulnerability

Windows ships with either the Outlook Express (OE) or the Windows Mail
(WM) email client to allow you to download and read your email.
According to Microsoft, both these email clients suffer from a memory
corruption vulnerability involving the way they handle the Network News
Transfer Protocol (NNTP) . By enticing one of your users to a specially
designed web page containing NNTP content, an attacker could exploit
this vulnerability to execute code on that user's computer with that
user's privileges. Since typical Windows users have local administrative
privileges, attackers can usually exploit this flaw to gain complete
control of Windows machines.
Microsoft rating: Critical.


--
Leythos - (remove 999 to email me)

Fight exposing kids to porn, complain about sites like PCBUTTS1.COM that
create filth and put it on the web for any kid to see: Just take a look
at some of the FILTH he's created and put on his website:
http://forums.speedguide.net/archive.../t-223485.html all exposed
to children (the link I've include does not directly display his filth).
You can find the same information by googling for 'PCBUTTS1' and
'exposed to kids'.

Leythos <> wrote in
news::

> MS07-056 : Outlook Express and Windows Mail NNTP Memory Corruption
> Vulnerability
>
> Windows ships with either the Outlook Express (OE) or the Windows Mail
> (WM) email client to allow you to download and read your email.
> According to Microsoft, both these email clients suffer from a memory
> corruption vulnerability involving the way they handle the Network
> News Transfer Protocol (NNTP) . By enticing one of your users to a
> specially designed web page containing NNTP content,

Is that microsoft's buzzword for mime? god knows they don't do yEnc.

an attacker could exploit
> this vulnerability to execute code on that user's computer with that
> user's privileges. Since typical Windows users have local
> administrative privileges, attackers can usually exploit this flaw to
> gain complete control of Windows machines.
> Microsoft rating: Critical.
>
Yet another result of "added capability" not doubt.



--
(setq (chuck nil) car(chuck) )

On Tue, 09 Oct 2007 22:19:32 -0400, Leythos wrote:

> MS07-056 : Outlook Express and Windows Mail NNTP Memory Corruption
> Vulnerability
>
> Windows ships with either the Outlook Express (OE) or the Windows Mail
> (WM) email client to allow you to download and read your email.
> According to Microsoft, both these email clients suffer from a memory
> corruption vulnerability involving the way they handle the Network News
> Transfer Protocol (NNTP) . By enticing one of your users to a specially
> designed web page containing NNTP content, an attacker could exploit
> this vulnerability to execute code on that user's computer with that
> user's privileges. Since typical Windows users have local administrative
> privileges, attackers can usually exploit this flaw to gain complete
> control of Windows machines.
> Microsoft rating: Critical.

Wow that sucks for Windoze users.

chuckcar <> wrote:

>> Windows ships with either the Outlook Express (OE) or the Windows Mail
>> (WM) email client to allow you to download and read your email.
>> According to Microsoft, both these email clients suffer from a memory
>> corruption vulnerability involving the way they handle the Network
>> News Transfer Protocol (NNTP) . By enticing one of your users to a
>> specially designed web page containing NNTP content,

>Is that microsoft's buzzword for mime? god knows they don't do yEnc.

....Newsgroups http://www.faqs.org/rfcs/rfc977.html
--

The universe is about to lose its dimension of time
http://arxivblog.com/?p=71
December 2012 mayhaps?