{"vuid":"VU#130614","idnumber":"130614","name":"Microsoft Outlook Express vulnerable to remote code execution","keywords":["Microsoft","Outlook Express","remote code execution","897715","MS05-030"],"overview":"A vulnerability in Microsoft Outlook Express's NNTP response parsing may allow an attacker to execute arbitrary code.","clean_desc":"Microsoft Outlook Express contains support for Network News Transfer Protocol (NNTP) data, which is defined in RFC 977 and RFC 2980. A flaw in Outlook Express' handling of NNTP responses may lead to a buffer overflow condition if a specially-crafted reply is sent by a compromised or malicious NNTP server.","impact":"A remote, unauthenticated attacker with the ability to control an NNTP server that a host is connected to may be able to execute arbitrary code in the security context of the local user.","resolution":"Apply an Update Please see Microsoft Security Bulletin MS05-030 for more information, such as workarounds and patches.","workarounds":"Utilize Workarounds A number of workarounds are indicated in Microsoft Security Bulletin MS05-030, including: Block access to NNTP traffic, which commonly utilizes TCP port 119 and UDP port 119.","sysaffected":"","thanks":"Thanks to Microsoft for information on this vulnerability, who in turn credit \niDEFENSE\n with reporting this vulnerability.","author":"This document was written by Ken MacInnis.","public":["http://www.microsoft.com/technet/security/bulletin/MS05-030.mspx","http://secunia.com/advisories/15695/"],"cveids":["CVE-2005-1213"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2005-06-14T19:04:43Z","publicdate":"2005-06-14T00:00:00Z","datefirstpublished":"2005-06-14T21:44:44Z","dateupdated":"2005-06-20T19:25:22Z","revision":12,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"6","cam_population":"11","cam_impact":"18","cam_easeofexploitation":"4","cam_attackeraccessrequired":"9","cam_scorecurrent":"2.80665","cam_scorecurrentwidelyknown":"3.4749","cam_scorecurrentwidelyknownexploited":"6.1479","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":2.80665,"vulnote":null}