4.3
CVE-2007-2225
- EPSS 25.04%
- Veröffentlicht 12.06.2007 20:30:00
- Zuletzt bearbeitet 16.06.2026 22:39:10
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
A component in Microsoft Outlook Express 6 and Windows Mail in Windows Vista does not properly handle certain HTTP headers when processing MHTML protocol URLs, which allows remote attackers to obtain sensitive information from other Internet Explorer domains, aka "URL Parsing Cross Domain Information Disclosure Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Outlook Express Version6.0
Microsoft ≫ Windows 2003 Server Editionx64
Microsoft ≫ Windows 2003 Server Updatesp2 Editionx64
Microsoft ≫ Windows 2003 Server Versionsp1
Microsoft ≫ Windows 2003 Server Versionsp1 Editionitanium
Microsoft ≫ Windows 2003 Server Versionsp2 Editionitanium
Microsoft ≫ Windows Xp Editionprofessional_x64
Microsoft ≫ Windows Xp Updatesp2
Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64
Microsoft ≫ Windows 2003 Server Updatesp2 Editionx64
Microsoft ≫ Windows 2003 Server Versionsp1
Microsoft ≫ Windows 2003 Server Versionsp1 Editionitanium
Microsoft ≫ Windows 2003 Server Versionsp2 Editionitanium
Microsoft ≫ Windows Xp Editionprofessional_x64
Microsoft ≫ Windows Xp Updatesp2
Microsoft ≫ Windows Xp Updatesp2 Editionprofessional_x64
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 25.04% | 0.976 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
http://www.securityfocus.com/archive/1/471947/100/0/threaded
http://www.us-cert.gov/cas/techalerts/TA07-163A.html
http://www.vupen.com/english/advisories/2007/2154
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-034
http://secunia.com/advisories/25639
http://archive.openmya.devnull.jp/2007.06/msg00060.html
http://openmya.hacker.jp/hasegawa/security/ms07-034.txt
http://osvdb.org/35345
http://www.kb.cert.org/vuls/id/682825
http://www.securityfocus.com/archive/1/472002/100/0/threaded
http://www.securityfocus.com/bid/24392
http://www.securitytracker.com/id?1018231
http://www.securitytracker.com/id?1018232
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2045