Ceci n'est pas un blog

Outlook Express Vulnerability #3476

by Volker Weber

It is possible to send attachments to Outlook Express users using non-standard attachment techniques. This can be accomplished by encapsulating the data in Carriage Return () specifiers in the Subject line of an email. Upon receiving an email with a subject line containing carriage returns, Outlook Express will interpret the data section of the mail beginning in the subject line. This problem is compounded by the fact that mail filtering utilities do not search the subject line for this type of data, and can allow a malicious file to pass to an Outlook Express user.

More >

Comments

Old vowe.net archive pages

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.

© 1992-2021 Volker Weber. All Rights Reserved. Impressum. Datenschutzerklärung.