CVE-2007-2225 - A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handl

CVE-2007-2225

Summary

A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability."

References

Vulnerable Configurations

cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:*:sp2:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_2003_server:sp2:*:itanium:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:professional_x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:*:professional_x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
cpe:2.3:a:microsoft:outlook_express:6.0:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:outlook_express:6.0:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*
cpe:2.3:a:microsoft:windows_mail:*:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:windows_mail:*:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 16-10-2018 - 16:42)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:N/A:N

oval via4

accepted

2012-09-10T04:00:46.413-04:00

class

vulnerability

contributors

name Sudhir Gandhe
organization Secure Elements, Inc.
name Chandan S
organization SecPod Technologies

definition_extensions

comment Microsoft Windows XP SP2 or later is installed
oval oval:org.mitre.oval:def:521
comment Microsoft Outlook Express 6.0 for Windows XP/2003 is installed
oval oval:org.mitre.oval:def:208
comment Microsoft Windows Server 2003 SP1 (x86) is installed
oval oval:org.mitre.oval:def:565
comment Microsoft Outlook Express 6.0 for Windows XP/2003 is installed
oval oval:org.mitre.oval:def:208
comment Microsoft Windows Server 2003 SP1 (x86) is installed
oval oval:org.mitre.oval:def:565
comment Microsoft Outlook Express 6.0 for Windows XP/2003 is installed
oval oval:org.mitre.oval:def:208
comment Microsoft Outlook Express 6.0 for Windows XP/2003 is installed
oval oval:org.mitre.oval:def:208
comment Microsoft Windows XP x64 Edition SP2 is installed
oval oval:org.mitre.oval:def:4193
comment Microsoft Windows XP SP1 (64-bit) is installed
oval oval:org.mitre.oval:def:480
comment Microsoft Outlook Express 6.0 for Windows XP/2003 is installed
oval oval:org.mitre.oval:def:208

description

family

windows

oval:org.mitre.oval:def:2045

status

accepted

submitted

2007-06-13T08:22:59.000-04:00

title

URL Parsing Cross Domain Information Disclosure Vulnerability

version

refmap via4

bid	24392
bugtraq	20070622 MS07-034: Executing arbitrary script with mhtml: protocol handler
cert	TA07-163A
cert-vn	VU#682825
hp	HPSBST02231 SSRT071438
misc	http://archive.openmya.devnull.jp/2007.06/msg00060.html http://openmya.hacker.jp/hasegawa/security/ms07-034.txt
osvdb	35345
sectrack	1018231 1018232
secunia	25639
vupen	ADV-2007-2154

Last major update

16-10-2018 - 16:42

Published

12-06-2007 - 20:30

Last modified

16-10-2018 - 16:42