VULHUB ™

A vulnerability in Internet Explorer, Outlook and Outlook Express allows remote malicious users to execute arbitrary code on the user's machine if Active Scripting is enabled. This can be exploited via a web page or an email. A malicious user can create an executable file, compress it into a cab file, and rename it to have a file extension of any type automatically displayed by the client (e.g. .JPG, .GIF). He can then send this file as an attachment to an Outlook user as well as some active scripting (eg: JavaScript, VBscript). To display the attachment, Outlook will save it in a temporary location on the system. This temporary location is usually the default, and is well-known (C:\windows\temp\, C:\winnt\temp, etc.). The active scripting can then execute the attachment on the target machine, using the Active Setup ActiveX control.

A vulnerability in Internet Explorer, Outlook and Outlook Express allows remote malicious users to execute arbitrary code on the user's machine if Active Scripting is enabled. This can be exploited via a web page or an email. A malicious user can create an executable file, compress it into a cab file, and rename it to have a file extension of any type automatically displayed by the client (e.g. .JPG, .GIF). He can then send this file as an attachment to an Outlook user as well as some active scripting (eg: JavaScript, VBscript). To display the attachment, Outlook will save it in a temporary location on the system. This temporary location is usually the default, and is well-known (C:\windows\temp\, C:\winnt\temp, etc.). The active scripting can then execute the attachment on the target machine, using the Active Setup ActiveX control.