Malformed iCal VulnerabilityID: oval:org.mitre.oval:def:1593 | Date: (C)2007-05-09 (M)2021-05-05 |
Class: VULNERABILITY | Family: windows |
The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Vista |
Product: |
Microsoft Exchange Server |