Microsoft Outlook Express And Windows Mail MHTML Handler Information Disclosure Vulnerability

Microsoft Outlook Express And Windows Mail are prone to an information-disclosure vulnerability because of an error in the Windows MHTML protocol handler.

Note that an attacker can exploit this issue via Internet Explorer because the browser internally uses the vulnerable component of Outlook Express and Windows Mail. Successful exploits will allow the attacker to bypass Internet Explorer domain restrictions and to read data from a different Internet Explorer domain or security zone.


Privacy Statement
Copyright 2010, SecurityFocus