Arbitrary code can be executed on the remote host through the email client.
Description :
The remote host is running a version of outlook which is vulnerable to a bug
which may allow Internet Explorer to execute script code in the Local Machine
zone and therefore let an attacker execute arbitrary programs on this host.
To exploit this bug, an attacker would need to send an special HTML message to
a user of this host.
Solution :
Microsoft has released a set of patches for Office 2002 and XP :
