Microsoft Outlook Rich Text Format Information Disclosure Vulnerability

If an email message is sent from a Microsoft Outlook client and is RTF formatted, a file named winmail.dat is also sent as an attachment. If the recipient opens the email message in a client other than Outlook, the winmail.dat file will be visible as an attachment. Winmail.dat contains the full path of the sender's .pst file, which is located in the user profile directory by default. The path contains the username of the sender in addition to the domain name.

Reportedly, if the email message is sent through Exchange Server 5.5, winmail.dat will be stripped from the email message and it will not be received by the intended recipient.
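An added example, not part of the original advisory: a Python check that a mail administrator could run over an outbound winmail.dat to see whether it exposes a .pst path and the profile name inside it. The plain string scan (instead of a full TNEF parse), the profile-root directory names and the sample bytes are assumptions constructed for illustration.

```python
import re
import struct

TNEF_SIGNATURE = 0x223E9F78  # little-endian magic at the start of winmail.dat

# Drive-letter path ending in .pst, stored as 8-bit text or as UTF-16LE.
ASCII_PST = re.compile(rb'[A-Za-z]:\\[\x20-\x7e]{1,259}?\.pst', re.I)
UTF16_PST = re.compile(
    rb'[A-Za-z]\x00:\x00\\\x00(?:[\x20-\x7e]\x00){1,259}?\.\x00p\x00s\x00t\x00',
    re.I)
# Assumed profile roots; the next path component is the profile (user) name.
PROFILE = re.compile(
    r'\\(?:Documents and Settings|Users|Profiles)\\([^\\]+)\\', re.I)


def find_pst_paths(blob):
    """Return the distinct .pst paths embedded in a winmail.dat blob."""
    if len(blob) < 4 or struct.unpack_from('<I', blob)[0] != TNEF_SIGNATURE:
        raise ValueError('not a TNEF stream')
    found = [m.group().decode('ascii') for m in ASCII_PST.finditer(blob)]
    found += [m.group().decode('utf-16-le') for m in UTF16_PST.finditer(blob)]
    return sorted(set(found))


def profile_names(paths):
    """Return the profile directory names that the given paths disclose."""
    names = set()
    for path in paths:
        match = PROFILE.search(path)
        if match:
            names.add(match.group(1))
    return sorted(names)


# Constructed sample: TNEF signature, a key, filler bytes and two made-up
# paths. It is not a complete TNEF stream and comes from no real message.
PATH_A = (r'C:\Documents and Settings\jdoe.EXAMPLE\Local Settings'
          r'\Application Data\Microsoft\Outlook\outlook.pst')
PATH_W = r'C:\Users\asmith\Documents\Outlook Files\mail.pst'
SAMPLE = (struct.pack('<IH', TNEF_SIGNATURE, 1) + b'\x00\x01\x02'
          + PATH_A.encode('ascii') + b'\x00\xff'
          + PATH_W.encode('utf-16-le') + b'\x00\x00')

if __name__ == '__main__':
    paths = find_pst_paths(SAMPLE)
    print(paths, profile_names(paths))
```

A non-empty result from `find_pst_paths` on an outbound attachment means the message discloses the sender's local profile path to any recipient whose client shows winmail.dat.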


Copyright 2010, SecurityFocus