Vendor: Outlook Express
By: SecurityFocus
CVSS: 7.5 (HIGH)
File Extension Spoofing
CWE: 434
Product Name: Outlook Express
Affected Version From: Outlook Express 5.0
Affected Version To: Outlook Express 6.0
Patch Exists: YES
Related CWE: N/A
CPE: a:microsoft:outlook_express
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2002

Outlook Express File Extension Spoofing Vulnerability

A malicious user sending email through a mail agent capable of manipulating the MIME headers can spoof file extensions for users of Outlook Express. For example, an .exe file can be made to look like a .txt file (or another seemingly harmless file type) in the attachment list. When a certain string of characters is included between the filename and the actual file extension, Outlook Express displays the specified misleading file extension type. The end result is that an attacker is able to entice a user to open or save files of arbitrary types to their local system.

Mitigation:

Users should be aware of the potential for spoofed file extensions and should exercise caution when opening attachments from untrusted sources.
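
A mail-gateway style check for the condition described above, as an added example that is not part of the original advisory: it flags attachments whose real (final) extension is executable while an earlier, harmless-looking extension appears in the name. The extension lists, function names and sample message are assumptions constructed for illustration; the page does not give the character string involved, so the padding and control-character checks are generic.

```python
import re
from email import message_from_string

# Assumed policy lists (not from the advisory); tune for your environment.
RISKY = {"exe", "com", "scr", "pif", "bat", "cmd", "vbs", "js", "hta", "lnk"}
BENIGN = {"txt", "jpg", "gif", "png", "pdf", "doc", "htm", "html", "wav"}

def check_filename(name):
    """Return reasons an attachment name may display a misleading type."""
    reasons = []
    if re.search(r"[\x00-\x1f\x7f]", name):
        reasons.append("control-character")
    if re.search(r"\s{3,}", name):
        reasons.append("whitespace-padding")
    # The last dot-separated token is what the OS uses to pick a handler.
    parts = [p.strip().lower() for p in name.split(".")]
    final = parts[-1] if len(parts) > 1 else ""
    if final in RISKY:
        reasons.append("executable-extension")
        # An earlier token that starts with a harmless-looking extension.
        if any(re.match(r"[a-z0-9]*", p).group(0) in BENIGN for p in parts[1:-1]):
            reasons.append("benign-extension-before-real-one")
    return reasons

def scan_message(raw):
    """Return [(filename, reasons)] for each flagged attachment in raw."""
    found = []
    for part in message_from_string(raw).walk():
        name = part.get_filename()
        reasons = check_filename(name) if name else []
        if reasons:
            found.append((name, reasons))
    return found

# Constructed sample; the padded name is a stand-in, not the advisory's string.
SAMPLE = """\
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="notes.txt      .exe"

AAAA
--b1
Content-Disposition: attachment; filename="readme.txt"

hello
--b1--
"""
```

Calling `scan_message(SAMPLE)` reports only the first attachment; a gateway could quarantine flagged parts or rewrite the displayed name to show the true final extension.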
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5277/info

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21631.eml