240 matches found
Outlook Express 5.56.0 Windows Mail - MHTML URI Handler Information Disclosure
Outlook Express 5.56.0 Windows Mail - MHTML URI Handler Information Disclosure source: https://www.securityfocus.com/bid/17717/info Outlook Express and Windows Mail are prone to a cross-domain information-disclosure vulnerability. This vulnerability may let a malicious website access properties o...
CVE-2004-0380
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help CHM file that references the InfoTech Storage ITS...
MS04-013: Cumulative Update for Outlook Express (837009)
The remote host has a version of Outlook Express that has a bug in its MHTML URL processor that could allow an attacker to execute arbitrary code on this host. To exploit this flaw, an attacker would need to send a malformed email to a user of this host using Outlook, or would need to lure him in...
CVE-2004-0380
The CVE-2004-0380 issue affects the MHTML URL Processing Vulnerability in Microsoft Outlook Express 5.5 SP2 through 6 SP1, rooted in the MHTML/ITS handling and cross-domain logic. A remote attacker could cause HTML/CHM content to execute arbitrary code in the Local Machine Zone by exploiting ITS,...
CVE-2004-0380
The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help CHM file that references the InfoTech Storage ITS...
Outlook Express MHTML protocol handler does not properly validate source of alternate content
Overview The Outlook Express MIME Encapsulation of Aggregate HTML Documents MHTML protocol handler does not adequately validate the source of alternate content. An attacker could exploit this vulnerability to access data and execute script in different security domains. By causing script to be ru...
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)
source: https://www.securityfocus.com/bid/9658/info Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone. The issue may be exploited via the ITS InfoTech Storage Protocol URI handler. It is possible to use this...
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass (MS04-013)
Microsoft Internet Explorer 5.0.1 - ITS Protocol Zone Bypass MS04-013 source: https://www.securityfocus.com/bid/9658/info Microsoft Internet Explorer has been reported prone to a vulnerability that may permit hostile content to be interpreted in the Local Zone. The issue may be exploited via the...
MHTML Redirection Leads to Downloading EXE and Executing
MHTML Redirection Leads to Downloading EXE and Executing tested OS:Win2k3,CN version IE: with MS03-048 installed. OS:WinXp, CN version Microsoft Internet Explorer v6.Sp1; up-to-date on 2003/11/16 overview A vulnerability in Internet Explorer is found: any attacker that can reach MYCOMPUTER securi...
Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)
Microsoft Outlook Express 6.0 - MHTML Forced File Execution 2 source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem...
Microsoft Outlook Express MHTML Forced File Execution Vulnerability
Description A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML file URIs that reference a non-existent...
Microsoft Outlook Express 6.0 - .MHTML Forced File Execution (1)
Microsoft Outlook Express 6.0 - .MHTML Forced File Execution 1 source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The proble...
Microsoft Outlook Express 6.0 - '.MHTML' Forced File Execution (1)
source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML...
Microsoft Outlook Express 6.0 - MHTML Forced File Execution (2)
source: https://www.securityfocus.com/bid/9105/info A vulnerability has been discovered in Microsoft Outlook Express when handling MHTML file and res URIs that could lead to an unexpected file being downloaded and executed. The problem occurs due to the component failing to securely handle MHTML...
Microsoft Internet Explorer and Outlook Express MHTML rendering engine incorrectly executes script in Local Computer Zone
Overview There is an MHTML input validation vulnerability in Outlook Express that may lead to arbitrary command and code execution in the Local Computer Zone of a victim host. Description Microsoft systems use components of Microsoft Outlook Express to render MHTML MIME Encapsulation of Aggregate...
Microsoft Security Bulletin MS03-014: Cumulative Patch for Outlook Express (330994)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Cumulative Patch for Outlook Express 330994 Date: 23 April 2003 Software: Microsoft c Outlook Express Impact: Run code of the attacker's choice on a user's machine. Max Risk: Critica...
Microsoft Outlook Express 56 - MHTML URL Handler File Rendering
Microsoft Outlook Express 56 - MHTML URL Handler File Rendering source: https://www.securityfocus.com/bid/5473/info Microsoft Outlook Express introduced a URL handler called MHTML MIME Encapsulation of Aggregate HTML. This allows Internet Explorer to pass MHTML files to Outlook Express for...
Microsoft Outlook Express 5/6 - MHTML URL Handler File Rendering
source: https://www.securityfocus.com/bid/5473/info Microsoft Outlook Express introduced a URL handler called MHTML MIME Encapsulation of Aggregate HTML. This allows Internet Explorer to pass MHTML files to Outlook Express for rendering. The MHTML URL handler does not validate the file type it is...
Code execution via Eudora
Using META REFRESH it's possible to launch mhtml file...
ICQ and MSIE allow execution of arbitrary code
Outline qoute I was about to put on a home page right after I discovered it and still had a hope that I will be that one who will finally destroy the world :: /quote Well i dont know if it will destroy the world, but sure enough it's enough to destory a small portion off it : Actually i found the...