Microsoft Outlook / Exchange Blank Headers DoS Vulnerability

Microsoft Outlook and Exchange are both vulnerable to denial of service attacks through incoming email if both bcc: and Reply-to: or Return-Path: and From: fields are left blank. Outlook will crash upon the delivery of these particular email messages and Exchange will produce an error stating that the message is not deliverable and to check for sufficient memory or disk space.


 

Privacy Statement
Copyright 2010, SecurityFocus