|
|
CVE Reference: CVE-2007-2225 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-2225 |
|
|
Description: A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability." |
|
|
CVE Status: Candidate |
|
|
References: ST 1018231 1018232 SAID Secunia Advisory: SA25639 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2045 MS http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx MISC http://openmya.hacker.jp/hasegawa/security/ms07-034.txt http://archive.openmya.devnull.jp/2007.06/msg00060.html HP http://www.securityfocus.com/archive/1/archive/1/471947/100/0/threaded CERT-VN 682825 CERT http://www.us-cert.gov/cas/techalerts/TA07-163A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/472002/100/0/threaded BID 24392 |
|
| Return to the previous page. |
