SecurityTracker: Microsoft Exchange Memory Corruption Error in Decoding TNEF Data Lets Remote Users Execute Arbitrary Code

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Application (E-mail Server) > Microsoft Exchange

Vendors: Microsoft

Microsoft Exchange Memory Corruption Error in Decoding TNEF Data Lets Remote Users Execute Arbitrary Code

SecurityTracker Alert ID: 1021700

SecurityTracker URL: http://securitytracker.com/id/1021700

CVE Reference: CVE-2009-0098 (Links to External Site)

Updated: Feb 17 2009

Original Entry Date: Feb 10 2009

Impact: Execution of arbitrary code via network, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): 2000, 2003, 2007

Description: A vulnerability was reported in Microsoft Exchange in the decoding of TNEF data. A remote user can cause arbitrary code to be executed on the target system.

A remote user can send an e-mail containing specially crafted Transport Neutral Encapsulation Format (TNEF) data that, when opened or previewed by the target user or when processed by the Microsoft Exchange Server Information Store, will trigger a memory corruption error in the TNEF decoding process and execute arbitrary code on the target system. The code will run with Exchange Server service account privileges.

Impact: A remote user can execute arbitrary code on the target system.

Solution: The vendor has issued the following fixes:

Microsoft Exchange 2000 Server Service Pack 3 with the Update Rollup of August 2004:

http://www.microsoft.com/downloads/details.aspx?familyid=805dc856-ea60-477d-be40-6ac535a7e7e5

Microsoft Exchange Server 2003 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=1d9f0956-88bd-4e13-a86b-b1c8d4782f71

Microsoft Exchange Server 2007 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=93cb3f66-ae72-4356-bdbf-35029cff6df1

Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1:

http://www.microsoft.com/downloads/details.aspx?FamilyID=e17e7f31-079a-43a9-bff2-0a110307611e

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms09-003.mspx

On February 17, 2009 (UTC), Microsoft updated their advisory to indicate that the Microsoft Exchange Server MAPI Client is also affected by MS09-003.

Vendor URL: www.microsoft.com/technet/security/bulletin/ms09-003.mspx (Links to External Site)

Cause: Access control error

Underlying OS: Windows (2000), Windows (2003), Windows (Vista)

Message History: None.

Source Message Contents

Date: Tue, 10 Feb 2009 14:20:01 -0500
Subject: http://www.microsoft.com/technet/security/bulletin/ms09-003.mspx


Microsoft Security Bulletin MS09-003 - Critical: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)

CVE-2009-0098

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2012, SecurityGlobal.net LLC