Release DateDec 15, 2009 |
Severityhigh |
ImpactSystem Compromise |
DescriptionThis indicates an attack attempt against an argument-injection vulnerability in Google Apps.The vulnerability is caused by an input validation error when the googleapps.exe program handles a specially crafted "googleapps.url.mailto://" URI. It allows a remote attacker to execute arbitrary programs on a vulnerable system. |
Affected ProductsGoogle Apps 1.1.110 6031 |
Recommended ActionsUpgrade to the latest versions:http://pack.google.com/intl/en/pack_installer.html |
Coverage IPS
VCM |
Reference/shttp://www.securityfocus.com/bid/36581 (BugTraq)http://secunia.com/advisories/36924/ |
