248 matches found
A period of WIN7 under GMAIL MHTML vulnerability test code-vulnerability warning-the black bar safety net
RAyh4c black box Long time no update blog, and turn to a section 7 under the GMAIL MHTML vulnerability test code, finally written the full version of the Don't know to throw which went to the - -! The MHTML vulnerability in WINDOWS 7 to initiate the AJAX request, does not like XP, direct request...
Microsoft Windows multiple security vulnerabilities
SMB client and server memory corruption, Fax Cover Page Editor memory corruption, MFC library unsafe DLL loading, MHTML library information leak, GDI+ library integer overflow, DNS client memory corruption, memory corruption in .Net Framework, memory corruption in JScript / VBScript engines, stac...
Windows MHTML Information Disclosure Vulnerability (2503658)
This host is missing a critical security update according to Microsoft Bulletin MS11-026. OpenVAS Vulnerability Test $Id: secpodms11-026.nasl 8724 2018-02-08 15:02:56Z cfischer $ Windows MHTML Information Disclosure Vulnerability 2503658 Authors: Antu Sanadi Copyright: Copyright c 2011 SecPod,...
Windows MHTML Information Disclosure Vulnerability (2503658)
This host is missing a critical security update according to Microsoft Bulletin MS11-026. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
MS11-026: Vulnerability in MHTML Could Allow Information Disclosure (2503658)
A flaw exists in the way MHTML interprets MIME-formatted requests for content blocks within a document. An attacker, exploiting this flaw, could cause a victim to run malicious scripts when visiting various web sites, resulting in information disclosure. C Tenable Network Security, Inc...
VulnCheck KEV: CVE-2011-0096
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote...
Microsoft Planning 17 Bulletins to Fix 64 Bugs in April Patch Tuesday
Microsoft is planning a huge Patch Tuesday for April, alerting customers that the company will issue 17 bulletins next week to fix a total of 64 vulnerabilities. Nine of the bulletins have a maximum severity rating of critical. The bulletins will cover a range of Microsoft products, including...
Google users targeted by hackers !
Google has warned of politically motivated and targeted attacks against users of its services. According to the company, the attackers are also targeting the users of another undisclosed social network. In a blog posting, the Google security team says that the exploit is based on a security hole ...
Attackers Targeting MHTML Bug in Windows
There is a wave of ongoing attacks against a bug in MHTML that affects all of the current versions of Windows, and there seems to be little recourse for sites trying to protect their users from the attacks. The current spate of attacks is targeting users of Internet Explorer, and experts are...
MHTML vulnerability under active exploitation !
We've noticed some highly targeted and apparently politically motivated attacks against our users. We believe activists may have been a specific target. We've also seen attacks against users of another popular social site. All these attacks abuse a publicly-disclosed MHTML vulnerability for which...
Microsoft Fills Windows, Office Holes with March Patch Release
Microsoft Corp. issued their monthly security bulletins on Tuesday, with fixes for four known vulnerabilities in the company’s Windows operating system, Office suite and Remote Desktop Connection products. The March patch release included three bulletins: MS11-015, 016 and 017. Only one, MS11-015...
Microsoft Internet Explorer Information Disclosure Vulnerability (2501696)
The host is installed with Internet Explorer and is prone to information disclosure vulnerability. This NVT has been replaced by NVT secpodms11-026.nasl OID:1.3.6.1.4.1.25623.1.0.902409. OpenVAS Vulnerability Test $Id: secpodmsiemhtmlinfodiscvuln.nasl 6526 2017-07-05 05:43:52Z cfischer $ Microsof...
Microsoft Internet Explorer Information Disclosure Vulnerability (2501696)
Internet Explorer is prone to an information disclosure vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.902409. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...
Microsoft Readies 'Critical' Windows, IE Patches
As part of this month’s Patch Tuesday schedule, Microsoft plans to ship a dozen bulletins with fixes for 22 vulnerabilities, some serious enough to allow hackers complete access to a vulnerable Windows machine. According to Microsoft’s advance notice, three of the 12 bulletins will carry be rated...
MS KB2501696: Vulnerability in MHTML Could Allow Information Disclosure
A flaw exists in the way MHTML interprets MIME-formatted requests for content blocks within a document. An attacker, exploiting this flaw, could cause a victim to run malicious scripts when visiting various websites, resulting in information disclosure. %NASLMINLEVEL 999999 C Tenable Network...
CVE-2011-0096
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote...
Cross site scripting
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote...
CVE-2011-0096
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote...
CVE-2011-0096
The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote...
CVE-2011-0096
The CVE describes a vulnerability in the MHTML protocol handler where improper processing of MIME-formatted requests for content blocks can allow a remote attacker to trigger client-side effects in Internet Explorer. Connected advisories (MS11-026 and related OpenVAS/Nessus listings) frame this a...