• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Outlook and Outlook Web Access Source Email Address Spoofing Weakness

Microsoft Outlook and Outlook Web Access clients are reported prone to a weakness that may allow remote attackers to send email with a spoofed address.

It is reported that this issue arises when an attacker sends an e-mail by specifying multiple source email addresses.

This issue may allow an attacker to carry out other attacks by combining this issue with social engineering and phishing attacks. An attacker may also bypass email gateways and send email to users.