Microsoft Outlook Express MHTML URL Parsing Information Disclosure Vulnerability

Bugtraq ID: 24392
Class: Origin Validation Error
CVE: CVE-2007-2225
Remote: Yes
Local: No
Published: Jun 12 2007 12:00AM
Updated: Jun 22 2007 06:19PM
Credit: SANS ISC is credited with the discovery of this vulnerability.
Vulnerable: Microsoft Windows Mail 0
+ Microsoft Windows Vista 0
 + Microsoft Windows Vista x64 Edition 0
 Microsoft Outlook Express 6.0 SP2
Microsoft Outlook Express 6.0 SP1
+ Microsoft Windows XP 64-bit Edition SP1
 + Microsoft Windows XP 64-bit Edition SP1
 + Microsoft Windows XP Home SP1
 + Microsoft Windows XP Home SP1
 + Microsoft Windows XP Professional SP1
 + Microsoft Windows XP Professional SP1
 Microsoft Outlook Express 6.0
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition
+ Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Datacenter Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition
+ Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Enterprise Edition Itanium 0
 + Microsoft Windows Server 2003 Itanium SP2
 + Microsoft Windows Server 2003 Itanium SP2
 + Microsoft Windows Server 2003 Itanium SP1
 + Microsoft Windows Server 2003 Itanium SP1
 + Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard Edition
+ Microsoft Windows Server 2003 Standard x64 Edition
+ Microsoft Windows Server 2003 Standard x64 Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 Web Edition
+ Microsoft Windows Server 2003 x64 SP2
 + Microsoft Windows Server 2003 x64 SP2
 + Microsoft Windows XP 64-bit Edition
+ Microsoft Windows XP 64-bit Edition
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Home
+ Microsoft Windows XP Media Center Edition SP2
 + Microsoft Windows XP Media Center Edition SP2
 + Microsoft Windows XP Media Center Edition
+ Microsoft Windows XP Media Center Edition
+ Microsoft Windows XP Media Center Edition
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional
+ Microsoft Windows XP Professional x64 Edition SP2
 + Microsoft Windows XP Professional x64 Edition SP2
 + Microsoft Windows XP Tablet PC Edition SP2
 + Microsoft Windows XP Tablet PC Edition SP2
 + Microsoft Windows XP Tablet PC Edition
+ Microsoft Windows XP Tablet PC Edition
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus