Microsoft Outlook Express And Windows Mail NNTP Protocol Heap Buffer Overflow Vulnerability

Bugtraq ID: 25908
Class: Boundary Condition Error
CVE: CVE-2007-3897
Remote: Yes
Local: No
Published: Oct 09 2007 12:00AM
Updated: Oct 17 2007 01:27AM
Credit: Greg MacManus of VeriSign iDefense Labs is credited with the discovery of this vulnerability.
Vulnerable: Nortel Networks Universal Access - IP 0
Nortel Networks Packet Transit - IP 0
Nortel Networks Integrated Access - Cable 0
Nortel Networks Circuit Switching 0
Nortel Networks Centrex IP Element Manager 0
Nortel Networks Centrex IP Client Manager
Microsoft Windows Mail 0
+ Microsoft Windows Vista 0
+ Microsoft Windows Vista x64 Edition 0
Microsoft Outlook Express 6.0 SP1
+ Microsoft Windows XP 64-bit Edition SP1
+ Microsoft Windows XP 64-bit Edition SP1
+ Microsoft Windows XP Home SP1
+ Microsoft Windows XP Home SP1
+ Microsoft Windows XP Professional SP1
+ Microsoft Windows XP Professional SP1
Microsoft Outlook Express 6.0
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+ Microsoft Windows Server 2003 Itanium SP2
+ Microsoft Windows Server 2003 Itanium SP2
+ Microsoft Windows Server 2003 Itanium SP1
+ Microsoft Windows Server 2003 Itanium SP1
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard x64 Edition
+ Microsoft Windows Server 2003 Standard x64 Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 x64 SP2
+ Microsoft Windows Server 2003 x64 SP2
+ Microsoft Windows XP 64-bit Edition
+ Microsoft Windows XP 64-bit Edition
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Media Center Edition SP2
+ Microsoft Windows XP Media Center Edition SP2
+ Microsoft Windows XP Media Center Edition
+ Microsoft Windows XP Media Center Edition
+ Microsoft Windows XP Media Center Edition
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional x64 Edition SP2
+ Microsoft Windows XP Professional x64 Edition SP2
+ Microsoft Windows XP Tablet PC Edition SP2
+ Microsoft Windows XP Tablet PC Edition SP2
+ Microsoft Windows XP Tablet PC Edition
+ Microsoft Windows XP Tablet PC Edition
Microsoft Outlook Express 5.5 SP2
+ Microsoft Windows 2000 Advanced Server SP4
+ Microsoft Windows 2000 Advanced Server SP4
+ Microsoft Windows 2000 Advanced Server SP3
+ Microsoft Windows 2000 Advanced Server SP3
+ Microsoft Windows 2000 Datacenter Server SP4
+ Microsoft Windows 2000 Datacenter Server SP4
+ Microsoft Windows 2000 Datacenter Server SP3
+ Microsoft Windows 2000 Datacenter Server SP3
+ Microsoft Windows 2000 Professional SP4
+ Microsoft Windows 2000 Professional SP4
+ Microsoft Windows 2000 Professional SP3
+ Microsoft Windows 2000 Professional SP3
+ Microsoft Windows 2000 Server SP4
+ Microsoft Windows 2000 Server SP4
+ Microsoft Windows 2000 Server SP3
+ Microsoft Windows 2000 Server SP3
+ Microsoft Windows ME
+ Microsoft Windows ME
HP Storage Management Appliance III
HP Storage Management Appliance II
HP Storage Management Appliance I
HP Storage Management Appliance 2.1
+ HP Storage Management Appliance III
+ HP Storage Management Appliance II
+ HP Storage Management Appliance I
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus