4.3

CVE-2006-2111

Exploit
A component in Microsoft Outlook Express 6 allows remote attackers to bypass domain restrictions and obtain sensitive information via redirections with the mhtml: URI handler, as originally reported for Internet Explorer 6 and 7, aka "URL Redirect Cross Domain Information Disclosure Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftOutlook Express Version6.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 40.31% 0.985
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.securityfocus.com/archive/1/449917/100/0/threaded
http://secunia.com/Internet_Explorer_Arbitrary_Content_Disclosure_Vulnerability_Test/
Vendor Advisory
Exploit
http://secunia.com/advisories/19738
Vendor Advisory
Exploit
http://secunia.com/advisories/22477
Vendor Advisory
http://securitytracker.com/id?1016005
Exploit
http://www.kb.cert.org/vuls/id/783761
US Government Resource
http://www.osvdb.org/25073
http://www.securityfocus.com/archive/1/449883/100/200/threaded
http://www.securityfocus.com/archive/1/471947/100/0/threaded
http://www.securityfocus.com/bid/17717
http://www.us-cert.gov/cas/techalerts/TA07-163A.html
US Government Resource
http://www.vupen.com/english/advisories/2006/1558
Vendor Advisory
http://www.vupen.com/english/advisories/2007/2154
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-034
https://exchange.xforce.ibmcloud.com/vulnerabilities/26281
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1605