funsec mailing list archives
Sunbelt: VML Exploit-Vulnerable
From: "Fergie" <fergdawg () netzero net>
Date: Fri, 22 Sep 2006 22:16:32 GMT
A big thanks to the hard work of the folks over at Sunbelt. Via The Sunbelt Blog. [snip] Eric Sites here did some quick and dirty testing to see what versions of Outlook are vulnerable to the VML exploit. Heres our current list: Outlook 2007 - 12.0.417.1006, Can view VML but apparently not vulnerable. Outlook 2002 - not vulnerable Outlook 2000 - not vulnerable Outlook 2003 11.5608.8028 not vulnerable Outlook 2003 11.5608.5606 not vulnerable Outlook 2003 11.6568.6568 SP2 not tested Outlook 2003 11.8010.8036 SP2 vulnerable So, ironically, your most patched version of Outlook 2003 is the most likely at risk. [snip] Go figure. :-) More here: http://sunbeltblog.blogspot.com/2006/09/vulnerable-versions-of-outlook.html Again, many thanks to the folks over at Sunbelt, especially Eric Sites, and the volunteers at ZERT. - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Sunbelt: VML Exploit-Vulnerable Fergie (Sep 22)