Windows Outlook Express畸形邮件头拒绝服务漏洞(MS04-018)

漏洞信息详情

Windows Outlook Express畸形邮件头拒绝服务漏洞(MS04-018)

• CNNVD编号：CNNVD-200408-050
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2004-0215
  
• 漏洞类型：
  
  
  其他
  
• 发布时间：
  
  2004-07-13
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  avaya
• 漏洞来源：
  Microsoft Security…

Microsoft Outlook Express是流行的邮件处理程序。
Microsoft Outlook Express在处理畸形邮件头时存在问题，远程攻击者可以利用这个漏洞对Outlook Express进行拒绝服务攻击。
目前没有详细漏洞细节提供。

厂商补丁：
Microsoft
———
Microsoft已经为此发布了一个安全公告(MS04-018)以及相应补丁:

MS04-018：Cumulative Security Update for Outlook Express (823353)

链接：http://www.microsoft.com/technet/security/bulletin/MS04-018.mspx” target=”_blank”>
http://www.microsoft.com/technet/security/bulletin/MS04-018.mspx

补丁下载：

Microsoft Outlook Express 5.5 Service Pack 2

http://www.microsoft.com/downloads/details.aspx?FamilyId=9A8D1BF2-93C5-41A9-B79A-31D54743BA0E&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=9A8D1BF2-93C5-41A9-B79A-31D54743BA0E&displaylang=en

Microsoft Outlook Express 6

http://www.microsoft.com/downloads/details.aspx?FamilyId=D5900DF1-10AB-4850-9064-3070CE1F948A&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=D5900DF1-10AB-4850-9064-3070CE1F948A&displaylang=en

Microsoft Outlook Express 6 Service Pack 1

http://www.microsoft.com/downloads/details.aspx?FamilyId=AD6A96BC-DAF0-4EAB-89B8-BD702B3E3E5D&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=AD6A96BC-DAF0-4EAB-89B8-BD702B3E3E5D&displaylang=en

Microsoft Outlook Express 6 Service Pack 1 (64 bit Edition)

http://www.microsoft.com/downloads/details.aspx?FamilyId=ADCCF304-6CFC-48D6-9A3F-2A601C3A04A5&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=ADCCF304-6CFC-48D6-9A3F-2A601C3A04A5&displaylang=en

Microsoft Outlook Express 6 on Windows Server 2003

http://www.microsoft.com/downloads/details.aspx?FamilyId=C99AAFCD-B99B-4B13-A366-5F8EDC83633F&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=C99AAFCD-B99B-4B13-A366-5F8EDC83633F&displaylang=en

Microsoft Outlook Express 6 on Windows Server 2003 (64 bit edition)

http://www.microsoft.com/downloads/details.aspx?FamilyId=10D1AAD0-0313-4BEB-A174-84CF573F31FD&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=10D1AAD0-0313-4BEB-A174-84CF573F31FD&displaylang=en

来源:US-CERT Technical Alert: TA04-196A
名称: TA04-196A
链接:http://www.us-cert.gov/cas/techalerts/TA04-196A.html

来源:US-CERT Vulnerability Note: VU#869640
名称: VU#869640
链接:http://www.kb.cert.org/vuls/id/869640

来源: XF
名称: outlook-malformed-email-header-dos(16585)
链接:http://xforce.iss.net/xforce/xfdb/16585

来源: MS
名称: MS04-018
链接:http://www.microsoft.com/technet/security/bulletin/ms04-018.asp

来源: US Government Resource: oval:org.mitre.oval:def:3376
名称: oval:org.mitre.oval:def:3376
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:3376

来源: US Government Resource: oval:org.mitre.oval:def:2657
名称: oval:org.mitre.oval:def:2657
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2657

来源: US Government Resource: oval:org.mitre.oval:def:2137
名称: oval:org.mitre.oval:def:2137
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2137

来源: US Government Resource: oval:org.mitre.oval:def:1950
名称: oval:org.mitre.oval:def:1950
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1950