|
|
CVE Reference: CVE-2007-2227 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-2227 |
|
|
Description: The MHTML protocol handler in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle Content-Disposition "notifications," which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "Content Disposition Parsing Cross Domain Information Disclosure Vulnerability." |
|
|
CVE Status: Candidate |
|
|
References: ST 1018233 1018234 SAID Secunia Advisory: SA25639 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2085 MS http://www.microsoft.com/technet/security/bulletin/ms07-034.mspx MISC http://openmya.hacker.jp/hasegawa/security/ms07-034.txt http://archive.openmya.devnull.jp/2007.06/msg00060.html HP http://www.securityfocus.com/archive/1/archive/1/471947/100/0/threaded CERT http://www.us-cert.gov/cas/techalerts/TA07-163A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/472002/100/0/threaded BID 24410 |
|
| Return to the previous page. |
