Microsoft Outlook Express MHTML Forced File Execution Vulnerability

Liu Die Yu has released a proof of concept exploit designed to exploit the issues described in BID 9105, 9107 and 9109 to execute arbitrary executables. The proof of concept and a document describing the exploit is available at the following location:

The exploit is linked below.

Liu Die Yu has supplied a demonstration that is available in a .zip file below:


Privacy Statement
Copyright 2010, SecurityFocus