Heap-based buffer overflow in Microsoft Outlook Express and Windows Mail
CVE-2007-3897

Currently unrated

Key Information:

Vendor: Microsoft
Status: Outlook Express; Windows Mail
Vendor: CVE Published:; 9 October 2007

Summary

A heap-based buffer overflow exists in Microsoft Outlook Express and Windows Mail that could allow an attacker to execute arbitrary code on the system. This vulnerability arises when processing long responses from remote Network News Transfer Protocol (NNTP) servers, leading to potential memory corruption. A successful exploit could permit unauthorized control over the affected application, thereby compromising system integrity.

References

http://securitytracker.com/id?1018785

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/archive/1/482366/100/0/threaded

vendor-advisoryx_refsource_HP

http://www.securityfocus.com/archive/1/482366/100/0/threaded

vendor-advisoryx_refsource_HP

EPSS Score

64% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 9, 2007
Vulnerability Reserved
Jul 19, 2007