Users login

Create an account »


Users login

Home » Hacking News » Microsoft Outlook Express XML File Attachment Script Execution Vulnerability

Microsoft Outlook Express XML File Attachment Script Execution Vulnerability

by Nikola Strahija on July 31st, 2002 An error has been reported in Microsoft Outlook Express which may allow malicious XML file attachments to execute arbitrary code in the context of the local system. Code execution could occur when the file attachment is opened, without further prompting or user interaction.

This is the result of treatment of script code included in XSL style information embedded in an XML document. Normally, XSL style information is not permitted in XML scripts executing within a restricted security zone. However, some embedded script code may still execute, despite the generation of an XML parsing error. This script code may determine the location of the Temporary Internet File (TIF) directory, which in turn can lead to the execution of arbitrary code within the Local System security zone.

This behavior has been reported in Outlook Express 6. Other versions of Outlook may share this vulnerability, this has not however been confirmed.

Remote: Yes

Exploit: [email protected]" has provided the following XML document, which will act as a proof of concept exploit:

sure it
can, malware says so

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »