• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Crypto API X.509 Certificate Validation Remote Information Disclosure Vulnerability

Bugtraq ID:	28548
Class:	Design Error
CVE:
Remote:	Yes
Local:	No
Published:	Apr 01 2008 12:00AM
Updated:	Jul 04 2008 08:30PM
Credit:	Alexander Klink
Vulnerable:	Microsoft Windows Live Mail 2008 0 Microsoft Outlook 2007 0 Microsoft Office 2007 SP1 Microsoft Office 2007 0 + Microsoft Access 2007 0 + Microsoft Access 2007 0 + Microsoft Excel 2003 + Microsoft Excel 2007 0 + Microsoft Excel 2007 0 + Microsoft FrontPage 2003 + Microsoft Groove 2007 0 + Microsoft Groove 2007 0 + Microsoft InfoPath 2003 + Microsoft InfoPath 2007 0 + Microsoft InfoPath 2007 0 + Microsoft Office Communicator 2007 0 + Microsoft Office Communicator 2007 0 + Microsoft OneNote 2003 0 + Microsoft Outlook 2003 0 + Microsoft Outlook 2007 0 + Microsoft Outlook 2007 0 + Microsoft PowerPoint 2003 0 + Microsoft PowerPoint 2007 0 + Microsoft PowerPoint 2007 0 + Microsoft Project Professional 2007 0 + Microsoft Project Professional 2007 0 + Microsoft Project Standard 2007 0 + Microsoft Project Standard 2007 0 + Microsoft Publisher 2003 + Microsoft Publisher 2007 0 + Microsoft Publisher 2007 0 + Microsoft SharePoint Designer 2007 0 + Microsoft SharePoint Designer 2007 0 + Microsoft Visio Professional 2007 0 + Microsoft Visio Professional 2007 0 + Microsoft Visio Standard 2007 0 + Microsoft Visio Standard 2007 0 Microsoft Crypto API 0
Not Vulnerable: