| Summary |
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." |
| oval
via4
|
| accepted | 2004-05-25T12:00:00.000-04:00 | | class | vulnerability | | contributors | | name | Andrew Buttner | | organization | The MITRE Corporation |
| | description | The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." | | family | windows | | id | oval:org.mitre.oval:def:1010 | | status | accepted | | submitted | 2004-04-13T12:00:00.000-04:00 | | title | Microsoft Outlook Express v6.0,SP1 MHTML URL Processing Vulnerability | | version | 64 |
| accepted | 2005-10-19T05:47:00.000-04:00 | | class | vulnerability | | contributors | | name | Andrew Buttner | | organization | The MITRE Corporation |
| name | Christine Walzer | | organization | The MITRE Corporation |
| | description | The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." | | family | windows | | id | oval:org.mitre.oval:def:1028 | | status | accepted | | submitted | 2004-04-13T12:00:00.000-04:00 | | title | Microsoft Outlook Express v6.0 for Server 2003 MHTML URL Processing Vulnerability | | version | 66 |
| accepted | 2004-05-25T12:00:00.000-04:00 | | class | vulnerability | | contributors | | name | Andrew Buttner | | organization | The MITRE Corporation |
| | description | The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." | | family | windows | | id | oval:org.mitre.oval:def:882 | | status | accepted | | submitted | 2004-04-13T12:00:00.000-04:00 | | title | Microsoft Outlook Express v5.5,SP2 MHTML URL Processing Vulnerability | | version | 64 |
| accepted | 2015-08-10T04:01:13.091-04:00 | | class | vulnerability | | contributors | | name | Andrew Buttner | | organization | The MITRE Corporation |
| name | Maria Mikhno | | organization | ALTX-SOFT |
| | definition_extensions | | comment | Microsoft Outlook Express 6.0 for Windows XP/2003 is installed | | oval | oval:org.mitre.oval:def:208 |
| | description | The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." | | family | windows | | id | oval:org.mitre.oval:def:990 | | status | accepted | | submitted | 2004-04-13T12:00:00.000-04:00 | | title | Microsoft Outlook Express v6.0 MHTML URL Processing Vulnerability | | version | 67 |
|
