Content
(MS07-056) Microsoft Network News Transfer Protocol Memory Corruption Vulnerability (941202)
- Type
- Buffer Overflow
- Impact of exploitation
- Remote Code Execution
- User Interaction
- user interaction is needed
- Attack Vector
- Website with malicious content
- Rating
- Medium
- CVE reference
- CVE-2007-3897,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Windows 2000 SP4,
- Windows 2003 SP0 - SP2,
- Windows Vista SP0,
- Windows XP SP0 - SP2,
- Microsoft Outlook Express 5.5,
- Microsoft Outlook Express 6.0,
- Windows Mail any,
- Summary
- A vulnerability in Outlook Express and Windows Mail may allow for code-execution attacks. A user would to visit a malicious Web site for an attack to occur.
Tab Navigation
Description
Outlook Express and its successor on Windows Vista, Windows Mail, are mail clients that are default present on Windows Operating systems A vulnerability in Outlook Express and Windows Mail may allow for code-execution attacks. The flaw lays in the way malformed NNTP responses are handled. A user would to visit a malicious Web site for an attack to occur.
McAfee Product Mitigation & Recommendations
Recommendations
Download and install the patch available from Microsoft (941202): http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx
McAfee Product Mitigation
McAfee Foundstone
This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.
- Signature:
- (MS07-056) Microsoft Network News Transfer Protocol Memory Corruption Vulnerability (941202)
- Signature identifier:
- 5518
- Release date:
- 10/9/2007
McAfee Host IPS
Out of the box, HIPS protects against many buffer overflow exploits targeting this vulnerability on Windows 2000, windows XP, and Windows 2003. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.
- Signature:
- Generic Buffer Overflow Protection
- Signature identifier:
- 428
- Release date:
- 8/24/2000
- First released in:
- 2.0
McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection
VSE8.0i and MVS protect against many buffer overflow exploits targeting this vulnerability on Windows 2000, windows XP, and Windows 2003. McAfee Avert Labs will update DAT coverage for this vulnerability as new threats emerge.
- Signature:
- Buffer Overflow Protection
- Release date:
- 8/30/2004
- First released in:
- Build 131
McAfee VirusScan Enterprise 8.5i (VSE8.5i) /Total Protection for Small Business (ToPS SB) Buffer Overflow Protection
VSE8.5i protects against many buffer overflow exploits targeting this vulnerabilty on Windows 2000, windows XP, and Windows 2003. McAfee Avert Labs will update DAT coverage for this vulnerability as new threats emerge.
- Signature:
- Buffer Overflow Protection
- Release date:
- 11/29/2006
- First released in:
- build 354
Additional Resources
Microsoft Security Bulletin: Security Update for Outlook Express and Windows Mail (941202)
http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx
All Information
Timeline -
10/9/2007
Vendor has provided a patch.
Description -
Outlook Express and its successor on Windows Vista, Windows Mail, are mail clients that are default present on Windows Operating systems A vulnerability in Outlook Express and Windows Mail may allow for code-execution attacks. The flaw lays in the way malformed NNTP responses are handled. A user would to visit a malicious Web site for an attack to occur.
McAfee Product Mitigation & Recommendations
Recommendations -
Download and install the patch available from Microsoft (941202): http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx
McAfee Product Mitigation
McAfee Foundstone
This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.
- Signature:
- (MS07-056) Microsoft Network News Transfer Protocol Memory Corruption Vulnerability (941202)
- Signature identifier:
- 5518
- Release date:
- 10/9/2007
McAfee Host IPS
Out of the box, HIPS protects against many buffer overflow exploits targeting this vulnerability on Windows 2000, windows XP, and Windows 2003. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.
- Signature:
- Generic Buffer Overflow Protection
- Signature identifier:
- 428
- Release date:
- 8/24/2000
- First released in:
- 2.0
McAfee VirusScan Enterprise 8.0i (VSE8.0i) / Managed Virus Scan (MVS) Buffer Overflow Protection
VSE8.0i and MVS protect against many buffer overflow exploits targeting this vulnerability on Windows 2000, windows XP, and Windows 2003. McAfee Avert Labs will update DAT coverage for this vulnerability as new threats emerge.
- Signature:
- Buffer Overflow Protection
- Release date:
- 8/30/2004
- First released in:
- Build 131
McAfee VirusScan Enterprise 8.5i (VSE8.5i) /Total Protection for Small Business (ToPS SB) Buffer Overflow Protection
VSE8.5i protects against many buffer overflow exploits targeting this vulnerabilty on Windows 2000, windows XP, and Windows 2003. McAfee Avert Labs will update DAT coverage for this vulnerability as new threats emerge.
- Signature:
- Buffer Overflow Protection
- Release date:
- 11/29/2006
- First released in:
- build 354
Additional Resources
Additional Resources -
Microsoft Security Bulletin: Security Update for Outlook Express and Windows Mail (941202)
http://www.microsoft.com/technet/security/Bulletin/MS07-056.mspx
