• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Outlook Express MHTML Redirection Local File Parsing Vulnerability

Solution:
Avaya has released an advisory to announce that Avaya System Products shipping on Microsoft platforms are also affected by this vulnerability. Avaya advise that customers follow the Microsoft recommendations for the resolution of this issue. The aforementioned advisory can be viewed at the following location:
http://support.avaya.com/japple/css/japple?temp.groupID=&temp.selectedFamily=128451&temp.selectedProduct=154235&temp.selectedBucket=126655&temp.feedbackState=askForFeedback&temp.documentID=161384&PAGE=avaya.css.CSSLvl1Detail&executeTransaction=avaya.css.UsageUpdate()

Microsoft has released Outlook Express cumulative patches. It should be noted that specific operating system, Outlook Express, and Internet Explorer versions may need to be installed to apply these cumulative patches. Further information is provided in the Download details page for each cumulative patch.


Microsoft Outlook Express 6.0

• Microsoft Cumulative Security Update for Outlook Express 6 (KB837009)
  http://207.46.249.252/downloads/details.aspx?FamilyId=DCEB332E-CAE4-47 43-B6AB-EDC1CD625AE0&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows Server 2003 (KB837009)
  http://207.46.249.252/downloads/details.aspx?FamilyId=1C44FB27-6A9D-42 AE-8E06-3ADBB7896BCD&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows Server 2003 64-bit Edition (KB837009)
  http://207.46.249.252/downloads/details.aspx?FamilyId=C765E4F3-19A4-45 CF-BE99-28C136B14E30&displaylang=en

Microsoft Outlook Express 6.0 SP1

• Microsoft Cumulative Security Update for Outlook Express 6 Service Pack 1 (KB837009)
  http://207.46.249.252/downloads/details.aspx?FamilyId=925628BD-1B5F-4B 21-8DB6-EDE1C73F97B5&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express 6 SP1 64-bit Edition (KB837009)
  http://207.46.249.252/downloads/details.aspx?FamilyId=DEDBA3EA-05EC-45 AF-8795-5F785D83CA77&displaylang=en

Microsoft Outlook Express 5.5 SP2

• Microsoft Cumulative Security Update for Outlook Express 5.5 Service Pack 2 (KB837009)
  http://207.46.249.252/downloads/details.aspx?FamilyId=88D8F9DC-589A-4C E5-BB04-CCEDCB8ADDBA&displaylang=en