Microsoft Outlook Express MHTML URL Parsing Information Disclosure Vulnerability

Microsoft Outlook Express MHTML URL Parsing Information Disclosure Vulnerability

Outlook Express is prone to a cross-domain information-disclosure vulnerability.

This vulnerability may let a malicious website access properties of a site in an arbitrary external domain in the context of the victim user's browser. Attackers could exploit this issue to gain access to sensitive information (such as cookies or passwords) that is associated with the external domain.