Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2008-3068

Description

Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.

POC

Reference

- http://securityreason.com/securityalert/3978

- https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt

- https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt

- https://www.cynops.de/advisories/AKLINK-SA-2008-004.txt

- https://www.cynops.de/techzone/http_over_x509.html

Github

No PoCs found on GitHub currently.