• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Outlook Express MHTML URL Parsing Information Disclosure Vulnerability

Solution:
The vendor has released an advisory to address this issue in supported applications. Please see the referenced advisory for details on obtaining the appropriate updates.


Microsoft Windows Mail 0

• Microsoft Cumulative Security Update for Outlook Express for Windows Vista (KB929123)
  Windows Vista
  http://www.microsoft.com/downloads/details.aspx?FamilyId=ee57de19-44ea -48f2-ae28-e76fd2018633&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows Vista for x64-based Systems (KB929123)
  Windows Vista x64 Edition
  http://www.microsoft.com/downloads/details.aspx?FamilyId=343db20f-7794 -4423-b11d-885329fbdf78&displaylang=en

Microsoft Outlook Express 6.0 SP2

• Microsoft Cumulative Security Update for Outlook Express for Windows Server 2003 (KB929123)
  Windows Server 2003 Service Pack 1
  http://www.microsoft.com/downloads/details.aspx?FamilyId=93808a74-035c -4ab7-9283-c693d7bd82be&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows Server 2003 (KB929123)
  Windows Server 2003 Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=93808a74-035c -4ab7-9283-c693d7bd82be&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows Server 2003 for Itanium-based Systems (KB
  Windows Server 2003 with SP1 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2e62e96e-6571 -437d-a612-99175ac39025&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows Server 2003 for Itanium-based Systems (KB
  Windows Server 2003 with SP2 for Itanium-based Systems
  http://www.microsoft.com/downloads/details.aspx?FamilyId=2e62e96e-6571 -437d-a612-99175ac39025&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows Server 2003 x64 Edition (KB929123)
  Windows Server 2003 x64 Edition
  http://www.microsoft.com/downloads/details.aspx?FamilyId=f63323a9-e285 -45e5-84bd-71ae9da126e3&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows Server 2003 x64 Edition (KB929123)
  Windows Server 2003 x64 Edition Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=f63323a9-e285 -45e5-84bd-71ae9da126e3&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows XP (KB929123)
  Windows XP Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=27cca556-0872 -4803-b610-4c895ceb99aa&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows XP x64 Edition (KB929123)
  Windows XP Professional x64 Edition
  http://www.microsoft.com/downloads/details.aspx?FamilyId=1ea813bf-bddb -40f0-8960-b9debc8413e7&displaylang=en


• Microsoft Cumulative Security Update for Outlook Express for Windows XP x64 Edition (KB929123)
  Windows XP Professional x64 Edition Service Pack 2
  http://www.microsoft.com/downloads/details.aspx?FamilyId=1ea813bf-bddb -40f0-8960-b9debc8413e7&displaylang=en