MS08-015, CVE-2008-0110, addresses a vulnerability in Microsoft Outlook’s implementation of “mailto” URI handling. The attack can be launched via IE or other applications which invoke the “mailto” protocol.
Applications can register pluggable protocol …
MS08-014, CVE 2008-0081, addresses a vulnerability in Excel whose root cause is an uninitialized stack variable. You probably have seen these types of compiler warnings before:
C:\temp>cl stack.cpp Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 15.00.21022.08 for 80×86 Copyright (C) Microsoft Corporation. All rights reserved. stack.cpp c:\temp\stack.cpp(49) : warning C4700: uninitialized local variable ‘pNoInit’ used .
