Lucene search
K

248 matches found

CVE
CVE
added 2007/06/12 9:0 p.m.66 views

CVE-2007-2227

CVE-2007-2227 describes information disclosure in the MHTML protocol handler used by Outlook Express 6 and Windows Mail, which processes MHTML contents via Internet Explorer and ignores the Content-Disposition header. The vulnerability enables an attacker to obtain sensitive data from other IE do...

4.3CVSS5.7AI score0.2504EPSS
Exploits1References13Affected Software1
Prion
Prion
added 2007/06/12 8:30 p.m.19 views

Information disclosure

A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain...

4.3CVSS6.3AI score0.2504EPSS
Exploits1References14Affected Software1
CVE
CVE
added 2007/06/12 8:0 p.m.62 views

CVE-2007-2225

CVE-2007-2225 involves a cross-domain information disclosure in the MHTML URI handler used by Outlook Express 6 and Windows Mail (on Windows Vista). The vulnerability arises when the MHTML protocol handler processes HTTP headers, causing IE to bypass domain restrictions and potentially disclose d...

4.3CVSS5.7AI score0.2504EPSS
Exploits1References14Affected Software1
myhack58
myhack58
added 2007/03/25 12:0 a.m.15 views

IE mhtml redirection vulnerability using the method-vulnerability warning-the black bar safety net

This vulnerability is primarily an information leak, see http://secunia. com/advisories/1 9 7 3 8/specific description. In order to ensure client safety, the xmlhttp is not cross-domain access to information. But the IE security problems, in the service end through the mhtml redirection...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/11/03 12:0 a.m.12 views

Microsoft Internet Explorer畸形MHTML标记拒绝服务漏洞

Internet Explorer是微软发布的非常流行的WEB浏览器。 IE在解析包含畸形标记内容的MHTML文档时存在拒绝服务漏洞,远程攻击者可能利用此漏洞导致用户的IE浏览器崩溃。 Microsoft Internet Explorer 7.0 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microsoft.com/windows/ie/default.asp Content-Type: text/html; charset="windows-1251" Content-Transfer-Encoding:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/11/02 12:0 a.m.19 views

Microsoft Internet Explorer 7 - MHTML Denial of Service

Microsoft Internet Explorer 7 - MHTML Denial of Service source: https://www.securityfocus.com/bid/20875/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue occurs when Internet Explorer attempts to parse certain malformed HTML content. Successfully exploitin...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2006/11/02 12:0 a.m.19 views

Microsoft Internet Explorer 7 - MHTML Denial of Service

source: https://www.securityfocus.com/bid/20875/info Microsoft Internet Explorer is prone to a denial-of-service vulnerability. This issue occurs when Internet Explorer attempts to parse certain malformed HTML content. Successfully exploiting this issue will cause the affected application to cras...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2006/10/28 12:0 a.m.14 views

Microsoft Internet Explorer MHTML URI处理器信息泄露漏洞

Microsoft Internet Explorer是微软发布的非常流行的WEB浏览器。 Internet Explorer在处理有“mhtml:”URI处理器的URL的重新定向时存在漏洞,可能允许用户访问其他WEB站点所服务的文档。 Microsoft Internet Explorer 6 for Windows XP SP2 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microsoft.com/windows/ie/default.asp...

7AI score
Exploits0
seebug.org
seebug.org
added 2006/10/27 12:0 a.m.69 views

Microsoft Windows MHTML超长URI串溢出漏洞(MS06-043)

Microsoft Windows是微软发布的非常流行的操作系统。 inetcomm.dll在使用"mhtml:" URI解析器处理URL时存在栈溢出漏洞,成功利用此漏洞的攻击者可以完全控制受影响的系统。 攻击者可以通过超长的URL来触发这个漏洞,如诱骗用户通过Internet Explorer打开恶意的站点或打开特制的Internet快捷方式。 Microsoft Windows XP SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows Server 2003 x64 Edition Microsoft...

7.5AI score
Exploits0
seebug.org
seebug.org
added 2006/10/27 12:0 a.m.11 views

Internet Explorer 7 “mhtml:”重新定向信息泄露漏洞

Internet Explorer 7是微软最新发布的WEB浏览器。 IE 7在处理 “mhtml:” 格式的URI重新定向时存在漏洞,远程攻击者可能利用此漏洞强制用户访问其他站点上的文件。 Microsoft Internet Explorer 7.0 临时解决方法: 禁用活动脚本。 厂商补丁: Microsoft --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microsoft.com/windows/ie/default.asp...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/25 12:0 a.m.14 views

Internet Explorer 7 “mhtml:”重新定向信息泄露漏洞

Internet Explorer 7是微软最新发布的WEB浏览器。 IE 7在处理 “mhtml:” 格式的URI重新定向时存在漏洞,远程攻击者可能利用此漏洞强制用户访问其他站点上的文件。 Microsoft Internet Explorer 7.0 临时解决方法: 禁用活动脚本。 厂商补丁: Microsoft --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.microsoft.com/windows/ie/default.asp...

7.1AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2006/10/11 12:0 a.m.3 views

Update Protection against Microsoft Windows MHTML Remote Code Execution Vulnerability (MS06-043)

Several Microsoft Windows applications are prone to a buffer overflow vulnerability. Microsoft Internet Explorer, Windows Explorer and Outlook Express 6 fail to properly process overly long MHTML URLs. MHTML is an Internet standard that defines the MIME structure used to send HTML content in e-ma...

2.6CVSS7.2AI score0.47919EPSS
Exploits1
myhack58
myhack58
added 2006/10/09 12:0 a.m.19 views

IE mhtml redirection vulnerability using the method-vulnerability warning-the black bar safety net

Author: yunshuAtph4nt0m.org Team: http://www.ph4nt0m.org Data: 2006-05-11 This vulnerability is primarily an information leak, see http://secunia. com/advisories/1 9 7 3 8/specific description. In order to ensure client safety, the xmlhttp is not cross-domain access to information. But the IE...

7AI score
Exploits0
CERT
CERT
added 2006/08/08 12:0 a.m.28 views

Microsoft Windows fails to properly parse the MHTML protocol

Overview Microsoft Windows fails to properly handle MHTML. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description MHTML According to Microsoft Security Bulletin MS06-043: MHTML extends HTML to embed encoded objects, such as images, in the HTML...

2.6CVSS6.8AI score0.47919EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2006/06/05 12:0 a.m.29 views

inetconnCrash.txt

DEFAULT BASEURL= InternetShortcut...

7.4AI score
Exploits0
Prion
Prion
added 2006/06/02 10:18 a.m.18 views

Buffer overflow

Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service application crash via a long mhtml URI in the URL value in a URL file...

2.6CVSS7.1AI score0.47919EPSS
Exploits1References13Affected Software2
Cvelist
Cvelist
added 2006/06/02 10:0 a.m.21 views

CVE-2006-2766

Buffer overflow in INETCOMM.DLL, as used in Microsoft Internet Explorer 6.0 through 6.0 SP2, Windows Explorer, Outlook Express 6, and possibly other programs, allows remote user-assisted attackers to cause a denial of service application crash via a long mhtml URI in the URL value in a URL file...

6.7AI score0.47919EPSS
Exploits1References13
CVE
CVE
added 2006/06/02 10:0 a.m.61 views

CVE-2006-2766

CVE-2006-2766 describes a Buffer Overflow in MHTML parsing within Windows components that impacts Microsoft Internet Explorer 6 (up to SP2), Windows Explorer, and Outlook Express 6. The vulnerability is triggered by processing a long MHTML URI value in a URL file, allowing remote user-assisted at...

2.6CVSS6.7AI score0.47919EPSS
Exploits1References13Affected Software2
Symantec
Symantec
added 2006/05/31 12:0 a.m.15 views

Microsoft Windows MHTML URI Buffer Overflow Vulnerability

Description Microsoft Windows is prone to a remote buffer-overflow vulnerability in 'INETCOMM.DLL'. The library fails to properly bounds-check user-supplied input data before copying it into an insufficiently sized memory buffer. Remote attackers may exploit this issue to execute arbitrary machin...

8.2AI score
Exploits0References1Affected Software2
exploitpack
exploitpack
added 2006/05/31 12:0 a.m.15 views

Microsoft Windows XP20002003 - MHTML URI Buffer Overflow (PoC)

Microsoft Windows XP20002003 - MHTML URI Buffer Overflow PoC source: https://www.securityfocus.com/bid/18198/info DEFAULT BASEURL= InternetShortcut...

0.1AI score
Exploits0
Rows per page
Query Builder