Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-1894
HistoryJun 16, 2011 - 8:55 p.m.

CVE-2011-1894

2011-06-1620:55:02
CWE-79
[email protected]
web.nvd.nist.gov
6

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.034

Percentile

91.4%

JSON

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for embedded content in an HTML document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted EMBED element in a web page that is visited in Internet Explorer, aka β€œMHTML Mime-Formatted Request Vulnerability.”

Affected configurations

Nvd
Node
microsoftwindows_2003_serversp2
OR
microsoftwindows_2003_serversp2itanium
OR
microsoftwindows_7Match-
OR
microsoftwindows_server_2003sp2
OR
microsoftwindows_server_2008itanium
OR
microsoftwindows_server_2008x32
OR
microsoftwindows_server_2008x64
OR
microsoftwindows_server_2008sp2x32
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008Match-sp2itanium
OR
microsoftwindows_server_2008Matchr2itanium
OR
microsoftwindows_server_2008Matchr2x64
OR
microsoftwindows_vistasp1
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp2x64
OR
microsoftwindows_xpsp3
VendorProductVersionCPE
microsoftwindows_2003_server*cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*
microsoftwindows_2003_server*cpe:2.3:o:microsoft:windows_2003_server:*:sp2:itanium:*:*:*:*:*
microsoftwindows_7-cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
microsoftwindows_server_2003*cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*
microsoftwindows_server_2008*cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*
microsoftwindows_server_2008-cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*
Rows per page:
1-10 of 161

Related

openvas 2
seebug 1
cvelist 1
cve 1
prion 1
nessus 1
checkpoint_advisories 1
securityvulns 1
openvas
openvas
Windows MHTML Information Disclosure Vulnerability (2544893)
2011-06-15 00:00:00
Windows MHTML Information Disclosure Vulnerability (2544893)
2011-06-15 00:00:00
seebug
seebug
Microsoft Windows MHTML Mime-ζ ΌεΌεŒ–θ―·ζ±‚δΏ‘ζ―ζ³„ιœ²ζΌζ΄ž
2011-06-16 00:00:00
cvelist
cvelist
CVE-2011-1894
2011-06-16 20:21:00
cve
cve
CVE-2011-1894
2011-06-16 20:55:02
prion
prion
Cross site scripting
2011-06-16 20:55:00
nessus
nessus
MS11-037: Vulnerability in MHTML Could Allow Information Disclosure (2544893)
2011-06-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer MHTML Content Blocks Information Disclosure (CVE-2011-0096; CVE-2011-1894)
2011-01-30 00:00:00
securityvulns
securityvulns
Microsoft Internet Explorer multiple security vulnerabilities
2011-07-22 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.034

Percentile

91.4%

JSON
Related for NVD:CVE-2011-1894
openvas2seebug1cvelist1cve1prion1nessus1checkpoint_advisories1securityvulns1