|
|
Microsoft Outlook Express MHTML Forced File Execution Vulnerability
|
Bugtraq ID:
|
9105
|
|
Class:
|
Access Validation Error
|
|
CVE:
|
CAN-2004-0380
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Nov 25 2003 12:00AM
|
|
Updated:
|
Nov 25 2003 12:00AM
|
|
Credit:
|
The disclosure of this issue has been credited to Liu Die Yu <liudieyuinchina@yahoo.com.cn>.
|
|
Vulnerable:
|
Microsoft Outlook Express 6.0 SP1
+
Microsoft Windows XP 64-bit Edition SP1
+
Microsoft Windows XP 64-bit Edition SP1
+
Microsoft Windows XP Home SP1
+
Microsoft Windows XP Home SP1
+
Microsoft Windows XP Professional SP1
+
Microsoft Windows XP Professional SP1
Microsoft Outlook Express 6.0
+
Microsoft Windows Server 2003 Datacenter Edition
+
Microsoft Windows Server 2003 Datacenter Edition
+
Microsoft Windows Server 2003 Datacenter Edition
+
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+
Microsoft Windows Server 2003 Enterprise Edition
+
Microsoft Windows Server 2003 Enterprise Edition
+
Microsoft Windows Server 2003 Enterprise Edition
+
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+
Microsoft Windows Server 2003 Itanium SP2
+
Microsoft Windows Server 2003 Itanium SP2
+
Microsoft Windows Server 2003 Itanium SP1
+
Microsoft Windows Server 2003 Itanium SP1
+
Microsoft Windows Server 2003 Standard Edition
+
Microsoft Windows Server 2003 Standard Edition
+
Microsoft Windows Server 2003 Standard Edition
+
Microsoft Windows Server 2003 Standard x64 Edition
+
Microsoft Windows Server 2003 Standard x64 Edition
+
Microsoft Windows Server 2003 Web Edition
+
Microsoft Windows Server 2003 Web Edition
+
Microsoft Windows Server 2003 Web Edition
+
Microsoft Windows Server 2003 x64 SP2
+
Microsoft Windows Server 2003 x64 SP2
+
Microsoft Windows XP 64-bit Edition
+
Microsoft Windows XP 64-bit Edition
+
Microsoft Windows XP Home
+
Microsoft Windows XP Home
+
Microsoft Windows XP Home
+
Microsoft Windows XP Media Center Edition SP2
+
Microsoft Windows XP Media Center Edition SP2
+
Microsoft Windows XP Media Center Edition
+
Microsoft Windows XP Media Center Edition
+
Microsoft Windows XP Media Center Edition
+
Microsoft Windows XP Professional
+
Microsoft Windows XP Professional
+
Microsoft Windows XP Professional
+
Microsoft Windows XP Professional x64 Edition SP2
+
Microsoft Windows XP Professional x64 Edition SP2
+
Microsoft Windows XP Tablet PC Edition SP2
+
Microsoft Windows XP Tablet PC Edition SP2
+
Microsoft Windows XP Tablet PC Edition
+
Microsoft Windows XP Tablet PC Edition
Microsoft Outlook Express 5.5 SP2
+
Microsoft Windows 2000 Advanced Server SP4
+
Microsoft Windows 2000 Advanced Server SP4
+
Microsoft Windows 2000 Advanced Server SP3
+
Microsoft Windows 2000 Advanced Server SP3
+
Microsoft Windows 2000 Datacenter Server SP4
+
Microsoft Windows 2000 Datacenter Server SP4
+
Microsoft Windows 2000 Datacenter Server SP3
+
Microsoft Windows 2000 Datacenter Server SP3
+
Microsoft Windows 2000 Professional SP4
+
Microsoft Windows 2000 Professional SP4
+
Microsoft Windows 2000 Professional SP3
+
Microsoft Windows 2000 Professional SP3
+
Microsoft Windows 2000 Server SP4
+
Microsoft Windows 2000 Server SP4
+
Microsoft Windows 2000 Server SP3
+
Microsoft Windows 2000 Server SP3
+
Microsoft Windows ME
+
Microsoft Windows ME
Avaya S8100 Media Servers
Avaya S3400 Message Application Server
Avaya IP600 Media Servers
Avaya DefinityOne Media Servers
|
|
|
|
Not Vulnerable:
|
|
|
|
