URL argument injection vulnerabilityinjection vulnerability in Microsoft Outlook. In response, Microsoft created the
MS04-009 patch that has been labelled Critical, which can be found at
http://www.microsoft.com/technet/security/bulletin/ms04-009.mspx
By exploiting the mailto: URL protocol handler provided by Outlook, it is
possible to inject arbitrary script code into the My Computer security zone.
This can be used by a virus to send you an email which automatically launches an
executable when you read it, without requiring any user interaction such as
opening email attachments.
Refferer:http://seclists.org/lists/bugtraq/2004/Mar/0086.html
Pozdrav StratOS
"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"As a rule, software systems do not work well until they have been used, and have failed repeatedly, in real applications."
"The one who is digging the hole for the other to fall in is allready in it."
"Multitasking - ability to f##k up several things at once."
"It works better if you plug it in."
"As a rule, software systems do not work well until they have been used, and have failed repeatedly, in real applications."
"The one who is digging the hole for the other to fall in is allready in it."
