Back to search
CVE-2008-5424
Published: Dec 11, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
The MimeOleClearDirtyTree function in InetComm.dll in Microsoft Outlook Express 6.00.2900.5512 does not properly handle (1) multipart/mixed e-mail messages with many MIME parts and possibly (2) e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service (infinite loop) via a large e-mail message, a related issue to CVE-2006-1173.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://mime.recurity.com/cgi-bin/twiki/view/Main/AttackIntro
x_refsource_MISC
4721
third-party-advisory
x_refsource_SREASON
32702
vdb-entry
x_refsource_BID
20081208 DoS attacks on MIME-capable software via complex MIME emails
mailing-list
x_refsource_BUGTRAQ
20081209 Re: DoS attacks on MIME-capable software via complex MIME emails
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now