Lucene search

K

MicrosoftCVELIST:CVE-2007-2225

HistoryJun 12, 2007 - 8:00 p.m.

CVE-2007-2225

2007-06-1220:00:00

microsoft

www.cve.org

4

AI Score

5.7

Confidence

Low

EPSS

0.098

Percentile

94.9%

A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka “URL Parsing Cross Domain Information Disclosure Vulnerability.”

References

archive.openmya.devnull.jp/2007.06/msg00060.html

openmya.hacker.jp/hasegawa/security/ms07-034.txt

osvdb.org/35345

secunia.com/advisories/25639

www.kb.cert.org/vuls/id/682825

www.securityfocus.com/archive/1/471947/100/0/threaded

www.securityfocus.com/archive/1/472002/100/0/threaded

www.securityfocus.com/bid/24392

www.securitytracker.com/id?1018231

www.securitytracker.com/id?1018232

www.us-cert.gov/cas/techalerts/TA07-163A.html

www.vupen.com/english/advisories/2007/2154

docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-034

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2045

AI Score

5.7

Confidence

Low

EPSS

0.098

Percentile

94.9%

Related for CVELIST:CVE-2007-2225

seebug1 nvd1 jvn1 prion1 cert1 cve1 securityvulns3 openvas2 nessus1